Git-Mirrors/security-misc
1
0
Fork 0
mirror of https://github.com/Kicksecure/security-misc.git synced 2025-05-02 12:46:04 -04:00
Code Issues Projects Releases Packages Wiki Activity

usrmerge

Browse source 
fixes https://github.com/Kicksecure/security-misc/issues/190
This commit is contained in:
Patrick Schleizer 2024-01-17 13:39:56 -05:00
parent 18a06935e0
commit 0efee2f50f
No known key found for this signature in database
GPG key ID: CB8D50BB77BB3C48
27 changed files with 65 additions and 66 deletions
Download patch file Download diff file Expand all files Collapse all files

2
usr/bin/permission-hardener
View file

@ -221,7 +221,7 @@ add_nosuid_statoverride_entry() {
# shellcheck disable=SC2086
echo_wrapper_silent_audit dpkg-statoverride ${dpkg_admindir_parameter_new_mode} --add "${existing_owner}" "${existing_group}" "${new_mode}" "${file_name}"
## /lib will hit ARG_MAX if using bash 'shopt -s globstar' and '/lib/**'.
## /usr/lib will hit ARG_MAX if using bash 'shopt -s globstar' and '/usr/lib/**'.
## Using 'find' with '-perm /u=s,g=s' is faster and avoids ARG_MAX.
## https://forums.whonix.org/t/disable-suid-binaries/7706/17
done < <(find "${fso_to_process}" -perm /u=s,g=s -print0 | xargs -I{} -0 stat -c "%n %a %U %G" {})