On 23 January 2016 at 16:22, Karel Zak <kzak@xxxxxxxxxx> wrote: > On Fri, Jan 22, 2016 at 10:03:47PM +0000, Sami Kerola wrote: >> Alternatively one could make swapon to get rid of all permission bits >> and set ownership to UID 0 by default when ever it activates a >> swapfile. How about that. > > Not sure if want to change any permissions on the fly, it would be > better to reject files (by swapon) with insecure permissions and > require something like --force for crazy users who wants to ignore > this problem. Why not completely optional? $ swapon --path-permissions [ignore|complain|stop|fix] Current default is 'complain', and it feels about right. -- Sami Kerola http://www.iki.fi/kerolasa/ -- To unsubscribe from this list: send the line "unsubscribe util-linux" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
