Author: raskin
Date: Wed Oct 20 09:29:02 2010
New Revision: 24378
URL: https://svn.nixos.org/websvn/nix/?rev=24378&sc=1
Log:
To prevent glibc bug exploitation, make setuid-wrappers unreadable to non-root
users
Modified:
nixos/trunk/modules/security/setuid-wrappers.nix
Modified: nixos/trunk/modules/security/setuid-wrappers.nix
==============================================================================
--- nixos/trunk/modules/security/setuid-wrappers.nix Wed Oct 20 09:08:39
2010 (r24377)
+++ nixos/trunk/modules/security/setuid-wrappers.nix Wed Oct 20 09:29:02
2010 (r24378)
@@ -92,7 +92,7 @@
, group ? "nogroup"
, setuid ? false
, setgid ? false
- , permissions ? "u+rx,g+rx,o+rx"
+ , permissions ? "u+rx,g+x,o+x"
}:
''
_______________________________________________
nix-commits mailing list
[email protected]
http://mail.cs.uu.nl/mailman/listinfo/nix-commits
