mirror of
https://github.com/Fishwaldo/Star64_linux.git
synced 2025-06-20 21:51:05 +00:00
debugfs: more tightly restrict default mount mode
Since the debugfs is mostly only used by root, make the default mount mode 0700. Most system owners do not need a more permissive value, but they can choose to weaken the restrictions via their fstab. Signed-off-by: Kees Cook <keescook@chromium.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
This commit is contained in:
Kees Cook
Greg Kroah-Hartman
parent
9db48aaf18
commit
82aceae4f0
2 changed files with 3 additions and 3 deletions
|
|
@ -28,7 +28,7 @@
|
|||
#include <linux/magic.h>
|
||||
#include <linux/slab.h>
|
||||
|
||||
#define DEBUGFS_DEFAULT_MODE 0755
|
||||
#define DEBUGFS_DEFAULT_MODE 0700
|
||||
|
||||
static struct vfsmount *debugfs_mount;
|
||||
static int debugfs_mount_count;
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue