From d44e2c9ad9469ed07308870fcf7956769a5ccec4 Mon Sep 17 00:00:00 2001
From: Jesse Buhagiar <jooster669@gmail.com>
Date: Sat, 17 Apr 2021 00:55:05 +1000
Subject: Userland: Check sudoers file perms and owner in pls

As per comment found in #6319 by @bcoles, `pls` should check the
permissions and owner of the sudoers file to ensure that it hasn't
been compromised.
---
 Meta/build-root-filesystem.sh | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'Meta')

diff --git a/Meta/build-root-filesystem.sh b/Meta/build-root-filesystem.sh
index 9249eef183..e80987b638 100755
--- a/Meta/build-root-filesystem.sh
+++ b/Meta/build-root-filesystem.sh
@@ -50,6 +50,9 @@ chmod 660 mnt/etc/WindowServer.ini
 chown $window_uid:$window_gid mnt/etc/WindowServer.ini
 echo "/bin/sh" > mnt/etc/shells
 
+chmod 0400 mnt/etc/plsusers
+chown 0:0 mnt/etc/plsusers
+
 chown 0:$wheel_gid mnt/bin/su
 chown 0:$wheel_gid mnt/bin/passwd
 chown 0:$wheel_gid mnt/bin/ping
@@ -57,6 +60,7 @@ chown 0:$wheel_gid mnt/bin/traceroute
 chown 0:$phys_gid mnt/bin/keymap
 chown 0:$phys_gid mnt/bin/shutdown
 chown 0:$phys_gid mnt/bin/reboot
+chown 0:$wheel_gid mnt/bin/pls
 chown 0:0 mnt/boot/Kernel
 chown 0:0 mnt/res/kernel.map
 chmod 0400 mnt/res/kernel.map
-- 
cgit v1.2.3