diff options
| author | Theo de Raadt <deraadt@cvs.openbsd.org> | 2008-04-17 19:03:26 +0000 |
|---|---|---|
| committer | Theo de Raadt <deraadt@cvs.openbsd.org> | 2008-04-17 19:03:26 +0000 |
| commit | 440f0ab4f266abb51cc73205d8335a314deb1830 (patch) | |
| tree | 32d2149b4f14b4027618da5f1d7d1b92ec686880 /etc/netstart | |
| parent | 9e54b2cddb6b5e5b18875b53e10dcbe3f7dc8d27 (diff) | |
before using them, force hostname.* files to be unreadable by world
first version from todd, ok millert
Diffstat (limited to 'etc/netstart')
| -rw-r--r-- | etc/netstart | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/etc/netstart b/etc/netstart index 2f37099d734..4f98acc3d44 100644 --- a/etc/netstart +++ b/etc/netstart @@ -1,6 +1,6 @@ #!/bin/sh - # -# $OpenBSD: netstart,v 1.118 2008/01/17 12:36:33 brad Exp $ +# $OpenBSD: netstart,v 1.119 2008/04/17 19:03:25 deraadt Exp $ # Strip comments (and leading/trailing whitespace if IFS is set) # from a file and spew to stdout @@ -35,6 +35,11 @@ ifstart() { return fi + file=/etc/hostname.$if + if [ "$(stat -f "%SLp" $file)" != "---" ]; then + echo "WARNING: $file is insecure, fixing permissions" + chmod o-rwx $file + fi ifconfig $if > /dev/null 2>&1 if [ "$?" != "0" ]; then # Try to create interface if it does not exist |