They should not be writable indeed. As far as I understand ubiquity, the full installation is just a luxurious "cp --preserve" so it makes sense that the permissions flaws are inherited.
broth is a just a high level wrapper for lh. It does not interfere with the chroot creation and squashing. But it does supply custom files to be added in /etc and /usr. things to check (thinking out loud): - 1st we need to check on the lh list (+ grep their git repos) if there is anything related to this issue - if not, has the chroot before squashing similar flaws? - if yes -> why? (maybe chroot_local_includes needs to have the right permissions right away?) -> bug to file again lh - if no -> needs to investigate aufs and how these folders are mounted during the live boot -- insecure world-writable dir /usr (mode 040757) https://bugs.launchpad.net/bugs/501340 You received this bug notification because you are a member of puredyne team, which is a direct subscriber. Status in Puredyne liveCD/DVD/USB/HD: New Bug description: Both in liveUSB and after install, it seems /usr is world-writable (mode 040757) which is very insecure. I've grepped around a bit but I haven't spotted why it's happening but I guess it's not deliberate - is it an artefact of broth? Also world-writable are /sbin and /etc - none of these should be world-writable, right? _______________________________________________ Mailing list: https://launchpad.net/~puredyne-team Post to : [email protected] Unsubscribe : https://launchpad.net/~puredyne-team More help : https://help.launchpad.net/ListHelp
