On Wed, Nov 21, 2012 at 10:08 AM, Karel Zak <kzak@xxxxxxxxxx> wrote: > On Tue, Nov 06, 2012 at 05:25:02PM +0100, Bernhard Voelker wrote: >> On November 6, 2012 at 4:06 PM mp.lists@xxxxxxx wrote: >> > As a first idea, it looks, as if such may be implemented, eg. by >> > letting swapon [and fstab-based "mounting"] by default not enable a swap >> > file, if it has non-root access permissions >> >> Did you know? >> The swapon utility issues a warning diagnostic with --verbose: >> >> # ls -l /tmp/swapfile >> -rw-r--r-- 1 berny users 134217728 Nov 6 17:03 /tmp/swapfile >> >> # sbin/swapon -v /tmp/swapfile >> swapon /tmp/swapfile >> swapon: /tmp/swapfile: insecure permissions 0644, 0600 suggested. >> swapon: /tmp/swapfile: insecure file owner 1000, 0 (root) suggested. >> swapon: /tmp/swapfile: found swap signature: version 1, page-size 4, same byte >> order >> swapon: /tmp/swapfile: pagesize=4096, swapsize=134217728, devsize=134217728 > > this waring is there since year 1999.. so it's really nothing new. I wonder would be be too noisy to make insecurity warnings enabled by default, and add --quiet option to thous who do not want to hear system complaining about things they know. -- To unsubscribe from this list: send the line "unsubscribe util-linux" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
