On 05/26/11 at 09:21pm, wzab wrote: > > How many machines are we talking about? It seems coincidental. > > The only corollation is that squeeze did move to using UUIDs by default. > > I've investigated 5 machines. In three of them permissions are set to 0755 > and in two to 0777. > I've tried to boot different kernels (with initrd and without initrd), boot > with "init=/bin/bash" to skip running all init scripts, but results are still the same. > > The most interesting fact is that even for the same standard Debian kernel > 2.6.38.2 permissions in machines differ... > > I tried to investigate in sources how kernel selects initial permissions for root node, > but I didn't succeed... The kernel does not, AFAIK, modify the filesystem permissions on boot. They are set as an attribute in the root inode. Instead of thinking of the filesystem as permissionless before boot, consider that even when turned off, the permissions attribute is set. If you take the drive out and attach it to another system to analyze, you will see the same permissions, since they are stored in the filesystem. > > The problem is really serious, as it allows the plain user to change configuration of machine... > I hope it is a silly misconfiguration in 2 of my machines... It most likely is. -- Liam
Attachment:
signature.asc
Description: Digital signature