On 01/20/2016 02:30 AM, Karel Zak wrote: > On Tue, Jan 19, 2016 at 10:37:06AM -0800, Wayne R. Roth wrote: >> Logic copied from sys-utils/swapon.c > > Why? I think swapon is the right place for this check. > > Karel > Hi Karel, Warnings are probably best put in *both* mkswap and swapon for the following two reasons: 1. The person(s) reviewing the output for swapon may not be the same person(s) reviewing the output for mkswap. For example, this might happen with a company with a separate development and quality assurance department. 2. To my best knowledge the release of mkswap and swapon do not have to match. An example of when this might happen is the build process for an embedded device or virtual machine. I am pretty sure busybox does not warn on world readable swap right now. This patch does not break any existing behavior. The worst case possibility from accepting this patch is it will annoy some people, and best case it will save millions of devices from being shipped with insecure permissions. Thanks, Sarah -- To unsubscribe from this list: send the line "unsubscribe util-linux" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
