| author | Joey Hess <joey@kitenet.net> | 2014-11-21 16:01:51 -0400 |
|---|---|---|
| committer | Joey Hess <joey@kitenet.net> | 2014-11-21 16:01:51 -0400 |
| commit | f6afeb889f4b11418daac7825c1adb1df4ff145c (patch) | |
| tree | cd45365a8cc3dcee9a3df7b64f29b7b00305ecd7 /src | |
| parent | c4accb72e20bc0906c1089c60574b844234d6401 (diff) | |
lock down chroot perm
Diffstat (limited to 'src')
| -rw-r--r-- | src/Propellor/Property/Debootstrap.hs | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/src/Propellor/Property/Debootstrap.hs b/src/Propellor/Property/Debootstrap.hs
index 747662c5..0611e735 100644
--- a/src/Propellor/Property/Debootstrap.hs
+++ b/src/Propellor/Property/Debootstrap.hs
@@ -16,6 +16,7 @@ import Data.List
 import Data.Char
 import Control.Exception
 import System.Posix.Directory
+import System.Posix.Files
 type Url = String
@@ -63,6 +64,11 @@ built target system@(System _ arch) config =
 setupprop = property ("debootstrapped " ++ target) $ liftIO $ do
 createDirectoryIfMissing True target
+ -- Don't allow non-root users to see inside the chroot,
+ -- since doing so can allow them to do various attacks
+ -- including hard link farming suid programs for later
+ -- exploitation.
+ modifyFileMode target (removeModes [otherReadMode, otherExecuteMode, otherWriteMode])
 suite <- case extractSuite system of
 Nothing -> errorMessage $ "don't know how to debootstrap " ++ show system
 Just s -> pure s |
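Review bot: The comment promises that non-root users cannot see inside the chroot, but the `modifyFileMode` call in the second hunk strips only the `other` bits, so whatever group the directory carries keeps read and search access. `createDirectoryIfMissing` also leaves a pre-existing `target` as it found it, so its owner and group are whatever they were before this property ran (inferred; nothing in the hunk checks ownership). If no caller depends on group access, consider removing the group bits as well, `modifyFileMode target (removeModes [groupReadMode, groupExecuteMode, groupWriteMode, otherReadMode, otherExecuteMode, otherWriteMode])`, or narrowing the comment to say that only `other` access is dropped. The `setupprop` block continues past the end of the hunk.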
