diff options
| author | Andreas Kling <kling@serenityos.org> | 2021-05-30 22:06:28 +0200 |
|---|---|---|
| committer | Andreas Kling <kling@serenityos.org> | 2021-05-30 23:09:37 +0200 |
| commit | 33f2eeea4a39dd892bad3930d1f2cfdfa7e3a7f8 (patch) | |
| tree | 02f659bb5fdf04603bf1d7b3902856a8ad574bfa /Meta/build-root-filesystem.sh | |
| parent | dfd988707c013d68f64fb56892480248fdce03a1 (diff) | |
| download | serenity-33f2eeea4a39dd892bad3930d1f2cfdfa7e3a7f8.zip | |
pls: Drastically simplify this program
Since this program is setuid-root, it should be as simple as possible.
To that end, remove `/etc/plsusers` and use filesystem permissions to
achieve the same thing. `/bin/pls` is now only executable by `root` or
members of the `wheel` group.
Also remove all the logic that went to great lengths to `unveil()` a
minimal set of filesystem paths that may be used for the command.
The complexity-to-benefit ratio did not seem justified, and I think
we're better off keeping this simple.
Finally, remove pledge promises the moment they are no longer needed.
Diffstat (limited to 'Meta/build-root-filesystem.sh')
| -rwxr-xr-x | Meta/build-root-filesystem.sh | 5 |
1 files changed, 1 insertions, 4 deletions
diff --git a/Meta/build-root-filesystem.sh b/Meta/build-root-filesystem.sh index e80987b638..b2b454ea55 100755 --- a/Meta/build-root-filesystem.sh +++ b/Meta/build-root-filesystem.sh @@ -50,9 +50,6 @@ chmod 660 mnt/etc/WindowServer.ini chown $window_uid:$window_gid mnt/etc/WindowServer.ini echo "/bin/sh" > mnt/etc/shells -chmod 0400 mnt/etc/plsusers -chown 0:0 mnt/etc/plsusers - chown 0:$wheel_gid mnt/bin/su chown 0:$wheel_gid mnt/bin/passwd chown 0:$wheel_gid mnt/bin/ping @@ -66,8 +63,8 @@ chown 0:0 mnt/res/kernel.map chmod 0400 mnt/res/kernel.map chmod 0400 mnt/boot/Kernel chmod 4750 mnt/bin/su +chmod 4750 mnt/bin/pls chmod 4755 mnt/bin/passwd -chmod 4751 mnt/bin/pls chmod 4755 mnt/bin/ping chmod 4755 mnt/bin/traceroute chmod 4750 mnt/bin/reboot |