Fix apt.conf permissions

Having world-writable apt.conf may be exploited by locals users to
execute arbitrary code in the context of the user running mmdebstrap.
This commit is contained in:
Jakub Wilk 2023-03-16 21:23:41 +01:00 committed by Johannes Schauer Marin Rodrigues
parent 55cae49ec7
commit a719ffd20a
Signed by: josch
GPG key ID: F2CBA5C78FBD83E1

View file

@ -2265,7 +2265,7 @@ sub run_setup() {
# we have to make the config file world readable so that a possible # we have to make the config file world readable so that a possible
# /usr/lib/apt/solvers/apt process which is run by the _apt user is also # /usr/lib/apt/solvers/apt process which is run by the _apt user is also
# able to read it # able to read it
chmod 0666, "$tmpfile" or error "cannot chmod $tmpfile: $!"; chmod 0644, "$tmpfile" or error "cannot chmod $tmpfile: $!";
if ($verbosity_level >= 3) { if ($verbosity_level >= 3) {
0 == system('apt-get', '--version') 0 == system('apt-get', '--version')
or error "apt-get --version failed: $?"; or error "apt-get --version failed: $?";