]> git.ipfire.org Git - thirdparty/systemd.git/commit
projects / thirdparty / systemd.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 2b8628c) | patch
bootctl: warn if the ESP random seed is stored on a world-readable dir
authorLennart Poettering <lennart@poettering.net>
Tue, 13 Jun 2023 14:48:20 +0000 (16:48 +0200)
committerLennart Poettering <lennart@poettering.net>
Wed, 14 Jun 2023 16:00:24 +0000 (18:00 +0200)
commitc4ccb80e392856156a4876b06cecf37f7763d20b
treed980272fc4340a2763b677025cfa4dd9a99cf224tree | snapshot
parent2b8628c7049bf99466e3e446552f81abcfa87aeecommit | diff
bootctl: warn if the ESP random seed is stored on a world-readable dir

This takes heavy inspiration from @zx2c4 (Jason A. Donenfeld)'s
PR #25531 but changes it considerably, but always going by fd instead of
paths, and only warning about the side file itself and the ESP mount
point, nothing else. This shuld be more than enough and should not be
brittle against concurrent path modifications.

Replaces: #25531
TODO diff | blob | blame | history
src/boot/bootctl-random-seed.c diff | blob | blame | history
Unnamed repository; edit this file 'description' to name the repository.