Changeset b74e415


Ignore:
Timestamp:
05/13/2003 07:31:22 AM (21 years ago)
Author:
Gerard Beekmans <gerard@…>
Branches:
10.0, 10.0-rc1, 10.1, 10.1-rc1, 11.0, 11.0-rc1, 11.0-rc2, 11.0-rc3, 11.1, 11.1-rc1, 11.2, 11.2-rc1, 11.3, 11.3-rc1, 12.0, 12.0-rc1, 12.1, 12.1-rc1, 6.0, 6.1, 6.1.1, 6.3, 6.4, 6.5, 6.6, 6.7, 6.8, 7.0, 7.1, 7.2, 7.3, 7.4, 7.5, 7.5-systemd, 7.6, 7.6-systemd, 7.7, 7.7-systemd, 7.8, 7.8-systemd, 7.9, 7.9-systemd, 8.0, 8.1, 8.2, 8.3, 8.4, 9.0, 9.1, arm, bdubbs/gcc13, ml-11.0, multilib, renodr/libudev-from-systemd, s6-init, trunk, v5_0, v5_1, v5_1_1, xry111/arm64, xry111/arm64-12.0, xry111/clfs-ng, xry111/lfs-next, xry111/loongarch, xry111/loongarch-12.0, xry111/loongarch-12.1, xry111/mips64el, xry111/pip3, xry111/rust-wip-20221008, xry111/update-glibc
Children:
4a7a683
Parents:
9c713f35
Message:

Applied Zack's ownership patch which fixes bug #510 which was originall patched and submitted by Alex Groenewoud

git-svn-id: http://svn.linuxfromscratch.org/LFS/trunk/BOOK@2607 4aa44e1e-78dd-0310-a6d2-fbcd4c07a689

Files:
2 edited

Legend:

Unmodified
Added
Removed

  • chapter01/changelog.xml

    r9c713f35 rb74e415  
    7575</para></listitem>
    7676
     77<listitem><para>May 12th, 2003 [winkie]: Applied "Changing ownership"
     78patch to polish the text. Closes bug #511.</para></listitem>
     79
    7780<listitem><para>May 12th, 2003 [winkie]: Applied "Configuring system
    7881components" patch to polish the text. Closes bug #510.</para></listitem>

  • chapter06/changingowner.xml

    r9c713f35 rb74e415  
    33<?dbhtml filename="changingowner.html" dir="chapter06"?>
    44
    5 <para>Right now the /stage1 directory is owned by the lfs user. However,
    6 this user account exists only on the host system. Although you may delete
    7 the <filename class="directory">/stage1</filename> directory once you have
    8 finished your LFS system, you might want to keep it around, e.g. for
    9 building more LFS systems. But if you keep the
    10 <filename class="directory">/stage1</filename> directory you will end up
    11 with files owned by a user id without a corresponding account. This is
    12 dangerous because a user account created later could get this user id and
    13 would suddenly own the <filename class="directory">/stage1</filename>
    14 directory and all of the files therein. This could open the
    15 <filename class="directory">/stage1</filename> directory to manipulation by
    16 an untrusted user.</para>
     5<para>Right now the <filename class="directory">/stage1</filename> directory
     6is owned by the user <emphasis>lfs</emphasis>, a user that exists only on your
     7host system. Although you will probably want to delete the
     8<filename class="directory">/stage1</filename> directory once you have
     9finished your LFS system, you may want to keep it around, for example to
     10build more LFS systems. But if you keep the
     11<filename class="directory">/stage1</filename> directory as it is, you end up
     12with files owned by a user ID without a corresponding account. This is
     13dangerous because a user account created later on could get this same user ID
     14and would suddenly own the <filename class="directory">/stage1</filename>
     15directory and all the files therein, thus exposing these files to possible
     16malicious manipulation.</para>
    1717
    18 <para>To avoid this issue, you can add the
    19 <emphasis>lfs</emphasis> user to the new LFS system later when creating
    20 the <filename>/etc/passwd</filename> file, taking care to assign it the
    21 same user and group id. Alternatively, you can (and the book will assume
    22 you do) run the following command now, to assign the contents of the
    23 <filename class="directory">/stage1</filename> directory to user
    24 <emphasis>root</emphasis> by running the following command:</para>
     18<para>To avoid this issue, you could add the <emphasis>lfs</emphasis> user to
     19your new LFS system later on when creating the <filename>/etc/passwd</filename>
     20file, taking care to assign it the same user and group IDs as on your host
     21system. Alternatively, you can (and the book assumes you do) assign the
     22contents of the <filename class="directory">/stage1</filename> directory to
     23user <emphasis>root</emphasis> by running the following command:</para>
    2524
    2625<para><screen><userinput>chown -R 0:0 /stage1</userinput></screen></para>
Note: See TracChangeset for help on using the changeset viewer.