Hi, I've been checking some images and it seems some files have wrong permissions on SquashFS images while the package itself has files with correct permissions.
Take AA rootfs for example, generic/openwrt-ar71xx-generic-rootfs.tar.gz: /etc/ppp/chap-secrets root root 41 Mar 23 2013 -rw-r--r-- When the file should be 0600 and actually is 0600 inside the ppp_2.4.5-8_ar71xx.ipk. The same is with BB openwrt-x86-generic-Generic-rootfs.tar.gz, /etc/ppp/chap-secrets is 0644. For some reason /etc/shadow always has correct 0600 permissions. Wrong permission on chap-secrets causes pppd to print a warning 'Warning - secret file /etc/ppp/chap-secrets has world and/or group access'. A bigger problem however are wrong permissions on /etc/racoon/psk.txt (ipsec-tools) for example, where racoon will fail to authenticate psk because the file is world readable. This presents a problem since the administrator needs to correct the permissions before ipsec is usable even when a custom-secret psk.txt is already shipped with the firmware image. Regards, Alex _______________________________________________ openwrt-devel mailing list [email protected] https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
