On 19 January 2016 at 19:44, Mike Frysinger <vapier@xxxxxxxxxx> wrote:
> On 19 Jan 2016 10:37, Wayne R. Roth wrote:
>> + permMask = S_ISBLK(ctl.devstat.st_mode) ? 07007 : 07077;
>> + if ((ctl.devstat.st_mode & permMask) != 0)
>> + warnx(_("%s: insecure permissions %04o, %04o suggested."),
>> + ctl.devname, ctl.devstat.st_mode & 07777,
>> + ~permMask & 0666);
>> + if (S_ISREG(ctl.devstat.st_mode) && ctl.devstat.st_uid != 0)
>> + warnx(_("%s: insecure file owner %d, 0 (root) suggested."),
>> + ctl.devname, ctl.devstat.st_uid);
>
> i haven't read/tested the code, so my assumptions might be off, but this
> seems to complain even when creating files as non-root. mkswap should
> not do that. a perfectly reasonable use case is to create images as a
> non-root user for use with something like qemu.
>
> maybe you want to add a getuid() check in there, or scuttle it altogether.
I do not think mkswap, or mkfs of any sort, is an operation only root is
allowed or expected to run. Taking device(s) in use is different matter,
and that is already covered in swapon(8) and mount(8).
--
Sami Kerola
http://www.iki.fi/kerolasa/
--
To unsubscribe from this list: send the line "unsubscribe util-linux" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
