mirror of
https://github.com/LadybirdBrowser/ladybird.git
synced 2024-09-20 09:49:15 +03:00
Build: Lock down the /mod and /boot directories
Make these directories accessible to root only. Unprivileged users have no need to look at the kernel binary or kernel modules.
This commit is contained in:
Andreas Kling
parent
2d244a70a1
commit
4398eec03c
Notes:
sideshowbarker
2024-07-19 10:23:09 +09:00
Author: https://github.com/awesomekling Commit: https://github.com/SerenityOS/serenity/commit/4398eec03ce
@ -166,10 +166,14 @@ ln -s ProfileViewer mnt/bin/pv
|
||||
echo "done"
|
||||
|
||||
mkdir -p mnt/boot/
|
||||
chmod 700 mnt/boot/
|
||||
cp kernel mnt/boot/
|
||||
chmod 600 mnt/boot/kernel
|
||||
|
||||
mkdir -p mnt/mod/
|
||||
chmod 700 mnt/mod/
|
||||
cp TestModule.kernel.o mnt/mod/TestModule.o
|
||||
chmod 600 mnt/mod/*.o
|
||||
|
||||
# Run local sync script, if it exists
|
||||
if [ -f sync-local.sh ]; then
|
||||
|
||||
Loading…
Reference in New Issue
Block a user