kpriv/pkgsrc
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Change the default setuid-root permissions from 4711 to 4555. This

Browse source 
strips off the write bit for root and gets rid of the unnecessary lack
of read permissions for "group" and "other".  Inspired by /usr/bin/su
on NetBSD.
This commit is contained in:
jlam 2007-06-15 14:46:02 +00:00
parent 94d65f602d
commit ac27702398
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
mk/pkginstall/bsd.pkginstall.mk
View file

@ -1,4 +1,4 @@
# $NetBSD: bsd.pkginstall.mk,v 1.23 2007/06/15 14:14:36 jlam Exp $ # $NetBSD: bsd.pkginstall.mk,v 1.24 2007/06/15 14:46:02 jlam Exp $
# #
# This Makefile fragment is included by bsd.pkg.mk and implements the # This Makefile fragment is included by bsd.pkg.mk and implements the
# common INSTALL/DEINSTALL scripts framework. To use the pkginstall # common INSTALL/DEINSTALL scripts framework. To use the pkginstall
@ -315,7 +315,7 @@ su-create-usergroup: ${_INSTALL_USERGROUP_UNPACKER}
# Keywords: setuid setgid st_mode perms # Keywords: setuid setgid st_mode perms
# #
SPECIAL_PERMS?= # empty SPECIAL_PERMS?= # empty
SETUID_ROOT_PERMS?= ${REAL_ROOT_USER} ${REAL_ROOT_GROUP} 4711 SETUID_ROOT_PERMS?= ${REAL_ROOT_USER} ${REAL_ROOT_GROUP} 4555
_INSTALL_PERMS_FILE= ${_PKGINSTALL_DIR}/perms _INSTALL_PERMS_FILE= ${_PKGINSTALL_DIR}/perms
_INSTALL_PERMS_DATAFILE= ${_PKGINSTALL_DIR}/perms-data _INSTALL_PERMS_DATAFILE= ${_PKGINSTALL_DIR}/perms-data