-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On Sat, May 27, 2023 at 07:33:53PM +, Ben Grande wrote:
> On 23-05-27 19:25:54, Ben Grande wrote:
> > Without this, it defaults to what unmask allows, normally 644.
> > Without being group owned, editing the policy manually leads to a RO
> > file and if the user force writes, will change the ownership to
> > user:user.
> >
> > Signed-off-by: Ben Grande
> > ---
> > qrexec/policy/admin.py | 1 +
> > 1 file changed, 1 insertion(+)
> >
> > diff --git a/qrexec/policy/admin.py b/qrexec/policy/admin.py
> > index da5bd9f..c5bfc23 100644
> > --- a/qrexec/policy/admin.py
> > +++ b/qrexec/policy/admin.py
> > @@ -201,6 +201,7 @@ class PolicyAdmin:
> >
> > temp_path = path.with_name(RENAME_PREFIX + path.name)
> > temp_path.write_bytes(data)
> > +temp_path.chmod(0o664)
> > temp_path.rename(path)
> >
> > # Remove
> > --
> > Benjamin Grande
>
> Perhaps it should also set the ownership to root:qubes?
Yes, I think so.
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
-BEGIN PGP SIGNATURE-
iQEzBAEBCAAdFiEEhrpukzGPukRmQqkK24/THMrX1ywFAmRya6sACgkQ24/THMrX
1ywTKAgAhiA0mnNSdHQNdcC07kujGCQAoliWmA4xLZ62eC/puXoeMPfIpAQDbDrJ
nH9V9Ep2OaERUBRO0+/gcmnGWxRmeMYD1WGt/NlGlrCXRhpJjxxBZx5xSeIZRt6b
DAtrVADJr650spRO/WuxmyStaPnZkXvefcz89Wl4qJUscrmNNnGGC1E1zmbh1V49
onJJNMemDalFyTPkA0uajh7CeSwEdpml4G+tBVh8T11k0F6DBVT0BdlsZyFrEHF6
KjB5Vlv2xVog13z7KNvWxfYn2s/Om4sTJMqCCCQr0vexpG0RXZBAEgMdI/xf5und
Y3/0vyvY2vmrnE+UkuLUzDM0Yk32fQ==
=dHmf
-END PGP SIGNATURE-
--
You received this message because you are subscribed to the Google Groups
"qubes-devel" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to qubes-devel+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/qubes-devel/ZHJrq0I4yBA1cXy6%40mail-itl.