[alpine-devel] Permissions on initramfs with cryptkey feature

Daniel Gerber <dg@atufi.org>

Details

Message ID: <87pntw1cdg.fsf@atufi.org>
Sender timestamp: 1545317403
DKIM signature: missing

Hello alpine,

When using mkinitfs cryptkey feature, shouldn't the initramfs file 
have stricter permissions? It would be convenient if it were done 
by default in the mkinitfs package.


diff --git a/main/mkinitfs/mkinitfs.trigger 
b/main/mkinitfs/mkinitfs.trigger
index e8acc97854..53125959f3 100644
--- a/main/mkinitfs/mkinitfs.trigger
+++ b/main/mkinitfs/mkinitfs.trigger
@@ -13,6 +13,7 @@ for i in "$@"; do
 	abi_release=$(cat "$i"/kernel.release)
 	initfs=initramfs-$flavor
 	mkinitfs -o /boot/$initfs $abi_release
+	chmod 0600 /boot/$initfs
 done

 # extlinux will use path relative partition, so if /boot is on a



--
Daniel Gerber
--


---
Unsubscribe:  alpine-devel+unsubscribe@lists.alpinelinux.org
Help:         alpine-devel+help@lists.alpinelinux.org
---

~alpine/devel

[alpine-devel] Permissions on initramfs with cryptkey feature