[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
01/02: activation: Do not make setuid programs setgid-root [security].
|
From: |
guix-commits |
|
Subject: |
01/02: activation: Do not make setuid programs setgid-root [security]. |
|
Date: |
Tue, 9 Feb 2021 04:10:25 -0500 (EST) |
civodul pushed a commit to branch master
in repository guix.
commit aa8de806252e3835d57fab351b02d13db762deac
Author: Ludovic Courtès <ludo@gnu.org>
AuthorDate: Tue Feb 9 09:55:27 2021 +0100
activation: Do not make setuid programs setgid-root [security].
Fixes <https://bugs.gnu.org/46395>.
Reported by Duncan Overbruck <mail@duncano.de>.
* gnu/build/activation.scm (activate-setuid-programs): Change TARGET
mode to not be setgid.
---
gnu/build/activation.scm | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/gnu/build/activation.scm b/gnu/build/activation.scm
index 4b67926..b458aee 100644
--- a/gnu/build/activation.scm
+++ b/gnu/build/activation.scm
@@ -1,5 +1,5 @@
;;; GNU Guix --- Functional package management for GNU
-;;; Copyright © 2013, 2014, 2015, 2016, 2017, 2018, 2019, 2020 Ludovic Courtès
<ludo@gnu.org>
+;;; Copyright © 2013, 2014, 2015, 2016, 2017, 2018, 2019, 2020, 2021 Ludovic
Courtès <ludo@gnu.org>
;;; Copyright © 2015 Mark H Weaver <mhw@netris.org>
;;;
;;; This file is part of GNU Guix.
@@ -234,7 +234,7 @@ they already exist."
"/" (basename prog))))
(copy-file prog target)
(chown target 0 0)
- (chmod target #o6555)))
+ (chmod target #o4555)))
(format #t "setting up setuid programs in '~a'...~%"
%setuid-directory)