Skip to content
Permalink
Browse files Browse the repository at this point in the history
dracut.sh: create the initramfs non-world readable also if early cpio…
… is used

Fixes: 5f2c30d
Previously fixed CVE-2012-4453: e1b4899

Signed-off-by: Andreas Stieger <astieger@suse.com>
  • Loading branch information
Andreas Stieger authored and haraldh committed Nov 7, 2016
1 parent a5b2d8f commit 0db9891
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion dracut.sh
Expand Up @@ -1700,7 +1700,7 @@ if [[ $create_early_cpio = yes ]]; then

# The microcode blob is _before_ the initramfs blob, not after
if ! (
cd "$early_cpio_dir/d"
umask 077; cd "$early_cpio_dir/d"
find . -print0 | sort -z \
| cpio ${CPIO_REPRODUCIBLE:+--reproducible} --null $cpio_owner_root -H newc -o --quiet > "${DRACUT_TMPDIR}/initramfs.img"
); then
Expand Down

0 comments on commit 0db9891

Please sign in to comment.