Skip to content
Permalink
Browse files

dracut.sh: create the initramfs non-world readable also if early cpio…

… is used

Fixes: 5f2c30d
Previously fixed CVE-2012-4453: e1b4899

Signed-off-by: Andreas Stieger <astieger@suse.com>
  • Loading branch information...
Andreas Stieger authored and haraldh committed Nov 7, 2016
1 parent a5b2d8f commit 0db98910a11c12a454eac4c8e86dc7a7bbc764a4
Showing with 1 addition and 1 deletion.
  1. +1 −1 dracut.sh
@@ -1700,7 +1700,7 @@ if [[ $create_early_cpio = yes ]]; then

# The microcode blob is _before_ the initramfs blob, not after
if ! (
cd "$early_cpio_dir/d"
umask 077; cd "$early_cpio_dir/d"
find . -print0 | sort -z \
| cpio ${CPIO_REPRODUCIBLE:+--reproducible} --null $cpio_owner_root -H newc -o --quiet > "${DRACUT_TMPDIR}/initramfs.img"
); then

0 comments on commit 0db9891

Please sign in to comment.
You can’t perform that action at this time.