=== himcesjf_ is now known as him-cesjf
[11:33] <alkisg> Hi, ubuntu is the only distro that I know of, that ships vmlinuz with mode=600 instead of e.g. 644.
[11:33] <alkisg> So if we want to export a $CHROOT/boot via tftp, we need to run dnsmasq as root, making our systems unsafer.
[11:33] <alkisg> Was this done for security reasons? But isn't vmlinuz publicly available anyway? Is the rationale documented anywhere, or, could I send a message and discuss it in some mailing list?
[11:39] <alkisg> (and initrd that may actually contain local sensitive information is world-readable...)
[11:45]  * alkisg reads through https://bugs.launchpad.net/ubuntu/+source/linux/+bug/759725 ...
[11:45] <ubot5`> Ubuntu bug 759725 in linux (Ubuntu) "The kernel is no longer readable by non-root users" [Medium,Won't fix]
[12:05] <alkisg> I don't agree but the decision seems to be crystallized. Oh well. :)
=== mozmck is now known as mozmck_m
=== mozmck_m is now known as mozmck
=== ben_r_ is now known as ben_r