Bug#381677: initramfs-tools: Temporary files and initramfs world-readable

To: Jonas Smedegaard <dr@jones.dk>, 381677@bugs.debian.org
Cc: lionel@mamane.lu
Subject: Bug#381677: initramfs-tools: Temporary files and initramfs world-readable
From: maximilian attems <maks@sternwelten.at>
Date: Mon, 14 Aug 2006 15:11:39 +0200
Message-id: <[🔎] 20060814131139.GG4868@baikonur.stro.at>
Reply-to: maximilian attems <maks@sternwelten.at>, 381677@bugs.debian.org
In-reply-to: <[🔎] 20060814013428.88535ad7.dr@jones.dk>
References: <[🔎] 20060806130659.GA6798@bagnat.mamane.lu> <[🔎] 20060812084316.GH24632@nancy> <[🔎] 20060812133942.aa7ebc96.dr@jones.dk> <[🔎] 20060813092602.GC6205@nancy> <[🔎] 20060813121313.75e0b3cd.dr@jones.dk> <[🔎] 20060813143457.GD4868@baikonur.stro.at> <[🔎] 20060814013428.88535ad7.dr@jones.dk>

On Mon, Aug 14, 2006 at 01:34:28AM +0200, Jonas Smedegaard wrote:
> 
> I did not file this bugreport. I agree with the worried bugreporter,
> but am not in the mood for fighting, so if you cannot use my attempts at
> helping you to a deeper understanding of *why* we are worried, then so
> be it.

the bugreporter packs an gpg key into the initrd,
which is not a standard setup!

i'm still waiting for a specific leakage that is happening in
the initrd-tools and initramfs-tools generation in a Debian default
setup. until a specific file is named there is no need for
initramfs-tools to be paranoid.

> If you believe yaird does things in a wrong way, then please discuss it
> through bugreports against that package.

i'm subuscribed to yaird bug reports and occisonaly i reply to them
if they aquire attention.

i've removed the patch tag, as the proposed patch is nacked,
so we need for your loop-aes pleasure a specific config dir
for mkinitramfs UMASK setting, other packages may want to
set BUSYBOX=yes there or whatever.

i'll prepare something that way for the next release, once 0.73e has
hit testing.

best regards

-- 
maks

Reply to:

References:
- Bug#381677: initramfs-tools: Temporary files and initramfs world-readable
  - From: Lionel Elie Mamane <lionel@mamane.lu>
- Bug#381677: initramfs-tools: Temporary files and initramfs world-readable
  - From: maximilian attems <maks@sternwelten.at>
- Bug#381677: initramfs-tools: Temporary files and initramfs world-readable
  - From: Jonas Smedegaard <dr@jones.dk>
- Bug#381677: initramfs-tools: Temporary files and initramfs world-readable
  - From: maximilian attems <maks@sternwelten.at>
- Bug#381677: initramfs-tools: Temporary files and initramfs world-readable
  - From: Jonas Smedegaard <dr@jones.dk>
- Bug#381677: initramfs-tools: Temporary files and initramfs world-readable
  - From: maximilian attems <maks@sternwelten.at>
- Bug#381677: initramfs-tools: Temporary files and initramfs world-readable
  - From: Jonas Smedegaard <dr@jones.dk>

Prev by Date: Bug#381677: initramfs-tools: Temporary files and initramfs world-readable
Next by Date: Bug#382985: teergrubes NATted connections due to mangled IPv4 checksums
Previous by thread: Bug#381677: initramfs-tools: Temporary files and initramfs world-readable
Next by thread: Bug#381677: initramfs-tools: Temporary files and initramfs world-readable
Index(es):
- Date
- Thread