mirror of
https://github.com/RGBCube/serenity
synced 2025-07-26 01:47:34 +00:00
Build: Lock down the /mod and /boot directories
Make these directories accessible to root only. Unprivileged users have no need to look at the kernel binary or kernel modules.
This commit is contained in:
parent
2d244a70a1
commit
4398eec03c
1 changed files with 4 additions and 0 deletions
|
@ -166,10 +166,14 @@ ln -s ProfileViewer mnt/bin/pv
|
|||
echo "done"
|
||||
|
||||
mkdir -p mnt/boot/
|
||||
chmod 700 mnt/boot/
|
||||
cp kernel mnt/boot/
|
||||
chmod 600 mnt/boot/kernel
|
||||
|
||||
mkdir -p mnt/mod/
|
||||
chmod 700 mnt/mod/
|
||||
cp TestModule.kernel.o mnt/mod/TestModule.o
|
||||
chmod 600 mnt/mod/*.o
|
||||
|
||||
# Run local sync script, if it exists
|
||||
if [ -f sync-local.sh ]; then
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue