| === himcesjf_ is now known as him-cesjf | ||
| alkisg | Hi, ubuntu is the only distro that I know of, that ships vmlinuz with mode=600 instead of e.g. 644. | 11:33 |
|---|---|---|
| alkisg | So if we want to export a $CHROOT/boot via tftp, we need to run dnsmasq as root, making our systems unsafer. | 11:33 |
| alkisg | Was this done for security reasons? But isn't vmlinuz publicly available anyway? Is the rationale documented anywhere, or, could I send a message and discuss it in some mailing list? | 11:33 |
| alkisg | (and initrd that may actually contain local sensitive information is world-readable...) | 11:39 |
| * alkisg reads through https://bugs.launchpad.net/ubuntu/+source/linux/+bug/759725 ... | 11:45 | |
| ubot5` | Ubuntu bug 759725 in linux (Ubuntu) "The kernel is no longer readable by non-root users" [Medium,Won't fix] | 11:45 |
| alkisg | I don't agree but the decision seems to be crystallized. Oh well. :) | 12:05 |
| === mozmck is now known as mozmck_m | ||
| === mozmck_m is now known as mozmck | ||
| === ben_r_ is now known as ben_r | ||
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!