Re: [PATCH] mkswap: Add warnings for insecure device permissions/owners

On 22 January 2016 at 19:14, Sarah Newman <srn@xxxxxxxxx> wrote:
> On 01/22/2016 08:01 AM, Tilman Schmidt wrote:
>> Am 21.01.2016 um 23:19 schrieb Sarah Newman:
>>> This patch does not break any existing behavior. The worst case possibility from accepting this patch is it will annoy some people, and best case it
>>> will save millions of devices from being shipped with insecure permissions.
>>
>> The worst case is it will train millions of administrators to ignore
>> warning messages.
>>
>
> If the warnings in swapon are legitimate, they are just as legitimate in mkswap if the file owner check is only done when mkswap is run as root.
>
> Regarding the legitimacy of the swapon warnings: do you honestly believe most of the people who will get these warnings will have intended to have
> world readable swap or swap owned as a non-root owner?
>
> When I search for "linux swap file" on google this is the second hit for me, the first being an arch linux wiki page:
> https://www.linux.com/news/software/applications/8208-all-about-linux-swap-space "centos swap file" top two hits
> https://www.centos.org/docs/5/html/5.2/Deployment_Guide/s2-swap-creating-file.html
> https://www.centos.org/docs/5/html/Deployment_Guide-en-US/s1-swap-adding.html
>
> I followed the instructions for CentOS on a CentOS 5 machine and it resulted in world readable swap. Those instructions came from Red Hat. If
> documentation from Red Hat gets it wrong, it's presumably a very common error. I made this mistake myself and I knew better.

Fair points, but should the same logic be applied to file holes when
running mkswap? If the test _must_ be the same, surely mkswap and
swapon should share the function(s) performing it, as drifting would
be bad. Should these messages be optional, and if so, which way around
ought the default to be? This will lead to --quiet or --verbose options.

Alternatively one could make swapon get rid of all permission bits
and set ownership to UID 0 by default whenever it activates a
swapfile. How about that.

-- 
Sami Kerola
http://www.iki.fi/kerolasa/
--
To unsubscribe from this list: send the line "unsubscribe util-linux" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
