Lubuntu/livecd-rootfs
3
0
Fork 0
mirror of https://git.launchpad.net/livecd-rootfs synced 2025-02-12 22:07:10 +00:00
Code Issues Packages Projects Releases Wiki Activity

ubuntu-cpc: secure esp mountpoint (LP: #1881006)

Browse Source 
Change mount option for ubuntu-cpc images from "defaults" to
"umask=0077". ESP partitions might contain sensitive data and
non-root users shouldn't have read access on it.
This commit is contained in:
Gauthier Jolly 2021-03-17 17:01:12 +00:00
parent 82f69612c7
commit 330720f686
No known key found for this signature in database
GPG Key ID: 76941DD188ED73DF
2 changed files with 10 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
debian/changelog vendored
View File

@ -1,3 +1,12 @@
livecd-rootfs (2.664.19) UNRELEASED; urgency=medium
* ubuntu-cpc: secure esp mountpoint (LP: #1881006)
Change mount option for ubuntu-cpc images from "defaults" to "umask=0077"
ESP partitions might contain sensitive data and non-root users shouldn't
have read access on it.
-- Gauthier Jolly <gauthier.jolly@canonical.com> Wed, 17 Mar 2021 16:55:37 +0000
livecd-rootfs (2.664.18) focal; urgency=medium
[ Patrick Viafore ]

2
live-build/ubuntu-cpc/hooks.d/base/disk-image-uefi.binary
View File

@ -94,7 +94,7 @@ create_and_mount_uefi_partition() {
mount "${uefi_dev}" "$mountpoint"/boot/efi
cat << EOF >> "mountpoint/etc/fstab"
LABEL=UEFI /boot/efi vfat defaults 0 1
LABEL=UEFI /boot/efi vfat umask=0077 0 1
EOF
}