Jari Ruusu wrote:
> To encrypt root partition, I have attached a shell script that builds a
> small "initrd" ram-disk that works with 2.2 and 2.4 kernels. To use it, do
> something like this:
[snip]
> 7) Build a new /boot/initrd.gz and run lilo (or whatever)
>
> ./build-initrd.sh
> lilo
Original script that I posted here on Fri 05 Oct 2001 21:49:47 +0300,
created a initrd with sloppy access permissions: untrusted users could have
read access to devices they should not have access.
Workaround is to add "umask 077" to the script before it creates any device
nodes or to just run the script like this:
( umask 077 && ./build-initrd.sh )
Regards,
Jari Ruusu <jari.ruusu@xxxxxxxxxx>
Linux-crypto: cryptography in and on the Linux system
Archive: http://mail.nl.linux.org/linux-crypto/
