security: change CR_FD_PERM from rw-rw-r-- to rw-r--r--

This makes only root to be able to modify images by default. When using criu with suid bit set, group of the images is set to user group, which is not safe, considering current CR_FD_PERM. Signed-off-by: Ruslan Kuprieiev <kupruser@gmail.com> Signed-off-by: Pavel Emelyanov <xemul@parallels.com>

security: change CR_FD_PERM from rw-rw-r-- to rw-r--r--
This makes only root to be able to modify images by default. When using criu with suid bit set, group of the images is set to user group, which is not safe, considering current CR_FD_PERM. Signed-off-by: Ruslan Kuprieiev <kupruser@gmail.com> Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
ada46644 · Ruslan Kuprieiev · Pavel Emelyanov · 8f2cb6b2 · ada46644
Commit ada46644 authored Sep 16, 2014 by Ruslan Kuprieiev Committed by Pavel Emelyanov Sep 18, 2014
Show whitespace changes
Inline Side-by-side

Showing with 1 addition and 1 deletion

crtools.h include/crtools.h +1 -1

No files found.
--- a/include/crtools.h
+++ b/include/crtools.h
@@ -7,7 +7,7 @@
 #include "asm/types.h"
 #include "servicefd.h"

-#define CR_FD_PERM		(S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP | S_IROTH)
+#define CR_FD_PERM		(S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH)

 extern int check_img_inventory(void);
 extern int write_img_inventory(void);