To prevent glibc bug exploitation, make setuid-wrappers unreadable to non-root users

svn path=/nixos/trunk/; revision=24378
This commit is contained in:
Michael Raskin 2010-10-20 09:29:02 +00:00
parent baaf7bd6e3
commit f6bc3d61cf

View File

@ -92,7 +92,7 @@ in
, group ? "nogroup"
, setuid ? false
, setgid ? false
, permissions ? "u+rx,g+rx,o+rx"
, permissions ? "u+rx,g+x,o+x"
}:
''