aboutsummaryrefslogtreecommitdiffstats
path: root/meta-app-framework/recipes-core/shadow
diff options
context:
space:
mode:
authorJosé Bollo <jose.bollo@iot.bzh>2019-06-11 12:17:04 +0200
committerJan-Simon Moeller <jsmoeller@linuxfoundation.org>2019-06-19 13:05:28 +0000
commit9d9c024ba9de04965aff3e0e2e8caa2abb80ab7c (patch)
tree6ab481137dbfb3036693f97af270c22b7fa85f23 /meta-app-framework/recipes-core/shadow
parentbcd5334d789f61ac1f6b14de3f1f2febea27e06c (diff)
Enforce separation of users using UMASK
Users should not be able to read other user content. Use Umask to enforce that. Bug-AGL: SPEC-1016 Change-Id: Ibb61b7a6a7617117a499650c5bd70bdd5af3c328 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
Diffstat (limited to 'meta-app-framework/recipes-core/shadow')
-rw-r--r--meta-app-framework/recipes-core/shadow/shadow_%.bbappend6
1 files changed, 6 insertions, 0 deletions
diff --git a/meta-app-framework/recipes-core/shadow/shadow_%.bbappend b/meta-app-framework/recipes-core/shadow/shadow_%.bbappend
new file mode 100644
index 000000000..4f594d47c
--- /dev/null
+++ b/meta-app-framework/recipes-core/shadow/shadow_%.bbappend
@@ -0,0 +1,6 @@
+
+do_install_append() {
+ sed -i '/^UMASK/s:^.*$:UMASK 077:' ${D}${sysconfdir}/login.defs
+}
+
+