From e43242e04ad4bc0bf47b60da01799faaa844902f Mon Sep 17 00:00:00 2001 From: Thierry Vignaud Date: Thu, 4 Feb 2010 15:07:38 +0000 Subject: (write_grub) ensure /boot/grub/menu.lst permissions are 0600 since it can contains a password --- perl-install/NEWS | 2 ++ perl-install/bootloader.pm | 2 +- perl-install/install/NEWS | 2 ++ 3 files changed, 5 insertions(+), 1 deletion(-) diff --git a/perl-install/NEWS b/perl-install/NEWS index 2c8b8f1c2..aab15d0e7 100644 --- a/perl-install/NEWS +++ b/perl-install/NEWS @@ -10,6 +10,8 @@ o wifi: r8187se, r8192_pci, r8192u_usb, rt2800pci, vt6655_stage, vt6656_stage - drakboot: o default to always crypt grub passwords + o ensure /boot/grub/menu.lst permissions are 0600 since it can + contains a password o fix support for crypted grub passwords Version 13.9 - 4 February 2010 diff --git a/perl-install/bootloader.pm b/perl-install/bootloader.pm index 5b2ac248c..08b099890 100644 --- a/perl-install/bootloader.pm +++ b/perl-install/bootloader.pm @@ -1810,7 +1810,7 @@ sub write_grub { my $f = "$::prefix/boot/grub/menu.lst"; log::l("writing grub config to $f"); renamef($f, $f . ($o_backup_extension || '.old')); - output($f, map { "$_\n" } @conf); + output_with_perm($f, 0600, map { "$_\n" } @conf); } { my $f = "$::prefix/boot/grub/install.sh"; diff --git a/perl-install/install/NEWS b/perl-install/install/NEWS index 132cffa7b..a95b8d45e 100644 --- a/perl-install/install/NEWS +++ b/perl-install/install/NEWS @@ -13,6 +13,8 @@ o always display security settings o allow timeout to be '0' o default to always crypt grub passwords + o ensure /boot/grub/menu.lst permissions are 0600 since it can + contains a password - partitioning wizard: o offer to install on dmraid (instead of crashing if no other disk) o offer to install on existing lvm -- cgit v1.2.1