cvs commit: LFS/BOOK/chapter06 changingowner.xml

gerard at linuxfromscratch.org gerard at linuxfromscratch.org
Tue May 13 00:31:22 PDT 2003


gerard      03/05/13 03:31:22

  Modified:    BOOK/chapter01 changelog.xml
               BOOK/chapter06 changingowner.xml
  Log:
  Applied Zack's ownership patch which fixes bug #510 which was originall patched and submitted by Alex Groenewoud
  
  Revision  Changes    Path
  1.491     +3 -0      LFS/BOOK/chapter01/changelog.xml
  
  Index: changelog.xml
  ===================================================================
  RCS file: /home/cvsroot/LFS/BOOK/chapter01/changelog.xml,v
  retrieving revision 1.490
  retrieving revision 1.491
  diff -u -r1.490 -r1.491
  --- changelog.xml	13 May 2003 07:30:09 -0000	1.490
  +++ changelog.xml	13 May 2003 07:31:22 -0000	1.491
  @@ -74,6 +74,9 @@
   </itemizedlist>
   </para></listitem>
   
  +<listitem><para>May 12th, 2003 [winkie]: Applied "Changing ownership"
  +patch to polish the text. Closes bug #511.</para></listitem>
  +
   <listitem><para>May 12th, 2003 [winkie]: Applied "Configuring system
   components" patch to polish the text. Closes bug #510.</para></listitem>
   
  
  
  
  1.13      +18 -19    LFS/BOOK/chapter06/changingowner.xml
  
  Index: changingowner.xml
  ===================================================================
  RCS file: /home/cvsroot/LFS/BOOK/chapter06/changingowner.xml,v
  retrieving revision 1.12
  retrieving revision 1.13
  diff -u -r1.12 -r1.13
  --- changingowner.xml	2 May 2003 18:20:19 -0000	1.12
  +++ changingowner.xml	13 May 2003 07:31:22 -0000	1.13
  @@ -2,26 +2,25 @@
   <title>Changing ownership</title>
   <?dbhtml filename="changingowner.html" dir="chapter06"?>
   
  -<para>Right now the /stage1 directory is owned by the lfs user. However,
  -this user account exists only on the host system. Although you may delete
  -the <filename class="directory">/stage1</filename> directory once you have
  -finished your LFS system, you might want to keep it around, e.g. for
  -building more LFS systems. But if you keep the
  -<filename class="directory">/stage1</filename> directory you will end up
  -with files owned by a user id without a corresponding account. This is
  -dangerous because a user account created later could get this user id and
  -would suddenly own the <filename class="directory">/stage1</filename>
  -directory and all of the files therein. This could open the
  -<filename class="directory">/stage1</filename> directory to manipulation by
  -an untrusted user.</para>
  +<para>Right now the <filename class="directory">/stage1</filename> directory
  +is owned by the user <emphasis>lfs</emphasis>, a user that exists only on your
  +host system. Although you will probably want to delete the
  +<filename class="directory">/stage1</filename> directory once you have
  +finished your LFS system, you may want to keep it around, for example to
  +build more LFS systems. But if you keep the
  +<filename class="directory">/stage1</filename> directory as it is, you end up
  +with files owned by a user ID without a corresponding account. This is
  +dangerous because a user account created later on could get this same user ID
  +and would suddenly own the <filename class="directory">/stage1</filename>
  +directory and all the files therein, thus exposing these files to possible
  +malicious manipulation.</para>
   
  -<para>To avoid this issue, you can add the
  -<emphasis>lfs</emphasis> user to the new LFS system later when creating
  -the <filename>/etc/passwd</filename> file, taking care to assign it the
  -same user and group id. Alternatively, you can (and the book will assume
  -you do) run the following command now, to assign the contents of the
  -<filename class="directory">/stage1</filename> directory to user
  -<emphasis>root</emphasis> by running the following command:</para>
  +<para>To avoid this issue, you could add the <emphasis>lfs</emphasis> user to
  +your new LFS system later on when creating the <filename>/etc/passwd</filename>
  +file, taking care to assign it the same user and group IDs as on your host
  +system. Alternatively, you can (and the book assumes you do) assign the
  +contents of the <filename class="directory">/stage1</filename> directory to
  +user <emphasis>root</emphasis> by running the following command:</para>
   
   <para><screen><userinput>chown -R 0:0 /stage1</userinput></screen></para>
   
  
  
  
-- 
Unsubscribe: send email to listar at linuxfromscratch.org
and put 'unsubscribe lfs-book' in the subject header of the message



More information about the lfs-book mailing list