tomb

the crypto undertaker
git clone git://parazyd.org/tomb.git
Log | Files | Refs | README | LICENSE
commit da349afeda5349de1dde3a50bacdbb0c21c77f1c
parent 252d79223b83c1418acd3629b011db11ad43a444
Author: Jaromil <jaromil@dyne.org>
Date:   Mon, 14 Jul 2014 18:58:09 +0200

Security fix for use in multi-user environments

The tomb mount is now readable by the opening uid only (711 r-x--x--x);
directory access is preserved to allow sharing access to certain subdirs.

Review and fix contributed by Morten Langlo

Diffstat:

Mtomb | 2+-


1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tomb b/tomb
@@ -1560,7 +1560,7 @@ mount_tomb() {
     mount -o $MOUNTOPTS /dev/mapper/${mapper} ${tombmount}
 
     chown ${_uid}:${_gid} ${tombmount}
-    chmod 0750 ${tombmount}
+    chmod 0711 ${tombmount}
 
     _success "Success opening $tombfile on $fg_bold[white]$tombmount$fg_no_bold[white]"