On 24 January 2016 at 11:09, Sami Kerola <kerolasa@xxxxxx> wrote: > On 23 January 2016 at 16:22, Karel Zak <kzak@xxxxxxxxxx> wrote: >> On Fri, Jan 22, 2016 at 10:03:47PM +0000, Sami Kerola wrote: >>> Alternatively one could make swapon to get rid of all permission bits >>> and set ownership to UID 0 by default when ever it activates a >>> swapfile. How about that. >> >> Not sure if want to change any permissions on the fly, it would be >> better to reject files (by swapon) with insecure permissions and >> require something like --force for crazy users who wants to ignore >> this problem. > > Why not completely optional? > > $ swapon --path-permissions [ignore|complain|stop|fix] > > Current default is 'complain', and it feels about right. Something like this. https://github.com/kerolasa/lelux-utiliteetit/commit/d79b3cdbe4e61b7e10d595dec4d4e299c8300c9e Notice that the change above is wrote on top of another change, that added swapon control structure. https://github.com/kerolasa/lelux-utiliteetit/commit/4d510f769de438092558f51430f3b195f328ef0e -- Sami Kerola http://www.iki.fi/kerolasa/ -- To unsubscribe from this list: send the line "unsubscribe util-linux" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
