[X2Go-Commits] [x2goserver] 01/01: debian/x2goserver.postinst: Avoid recursive chmod/chown. Recursive chown/chmod is susceptible to hardlink attacks on mainline, non-Debian kernels (follow-up for previous commit).

[git-admin at x2go.org]

This is an automated email from the git hooks/post-receive script.

x2go pushed a commit to branch master
in repository x2goserver.

commit 83b6f6d56af4c1675542e22556c5a1e7a4c8da99
Author: Mike Gabriel <mike.gabriel at das-netzwerkteam.de>
Date:   Tue Aug 14 16:35:14 2018 +0200

    debian/x2goserver.postinst: Avoid recursive chmod/chown. Recursive chown/chmod is susceptible to hardlink attacks on mainline, non-Debian kernels (follow-up for previous commit).
---
 debian/x2goserver.postinst | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/debian/x2goserver.postinst b/debian/x2goserver.postinst
index dbaf195..0cb8ace 100755
--- a/debian/x2goserver.postinst
+++ b/debian/x2goserver.postinst
@@ -71,7 +71,8 @@ case "${1}" in
 				x2godbadmin --createdb
 			else
 				# make sure db permissions are set correctly
-				chown -R 'root:x2gouser' '/var/lib/x2go'
+				chown 'x2gouser:x2gouser' '/var/lib/x2go'
+				chown 'root:x2gouser' '/var/lib/x2go/x2go_sessions'
 				# egid x2gouser needs write access to the db dir (for temporary db journal file)
 				chmod '0770' '/var/lib/x2go'
 				# ... and to the db file itself, of course

--
Alioth's /home/x2go-admin/maintenancescripts/git/hooks/post-receive-email on /srv/git/code.x2go.org/x2goserver.git