Search Members Help

» Welcome Guest
[ Log In :: Register ]

Mini-ITX Boards Sale, Fanless BareBones Mini-ITX, Bootable 1G DSL USBs, 533MHz Fanless PC <-- SALE $200 each!
Get The Official Damn Small Linux Book. DSL Market , Great VPS hosting provided by Tektonic
 

[ Track this topic :: Email this topic :: Print this topic ]

reply to topic new topic new poll
Topic: Permissions on backup/restore password file< Next Oldest | Next Newest >
WDef Offline





Group: Members
Posts: 798
Joined: Sep. 2005
Posted: Sep. 19 2005,08:15 QUOTE

Since passwords can now be set for root and the user 'dsl', I wondered if it would be consistent to restrict
perms on /etc/sysconfig/des to 600 in /etc/init.d/dsl-config before writing the backup/restore
password there?

At present this file is world-readable.

For eg:
Code Sample
if checkbootparam "protect"; then
     getpasswd "encryption"
     touch /etc/sysconfig/des
     chmod 600 /etc/sysconfig/des
     echo "$PASSWD" > /etc/sysconfig/des
  fi

(Requires remastering of the iso to test).
 
If filetool.sh is still to be executable by user dsl, sudo will then need to be inserted
before the 'cat /etc/sysconfig/des' lines in filetool.sh.
Code Sample
KEY=$(sudo cat /etc/sysconfig/des)

However, since filetool.sh never seems to be executed other than by root/sudo, all the 'sudo' commands
might be safely removable from filetool.sh. In that case, the 'chown root $MOUNTPOINT/backup.des' in the hacked
scripts I  posted recently also can be removed.
Back to top
Profile PM 
0 replies since Sep. 19 2005,08:15 < Next Oldest | Next Newest >

[ Track this topic :: Email this topic :: Print this topic ]

 
reply to topic new topic new poll
Quick Reply: Permissions on backup/restore password file

Do you wish to enable your signature for this post?
Do you wish to enable emoticons for this post?
Track this topic
View All Emoticons
View iB Code