diff options
| author |   Mike Frysinger <vapier@gentoo.org> | 2005-05-05 01:27:29 +0000 |
|---|---|---|
| committer | Mike Frysinger <vapier@gentoo.org> | 2005-05-05 01:27:29 +0000 |
| commit | 6f29a062629f8ad3ba0acd1e08727dd88dbc662e (patch) | |
| tree | f620a1b2d15e51ee69a1140626c78491d89c2888 /net-firewall/iptables/files | |
| parent | Removed old version. (diff) | |
| download | gentoo-2-6f29a062629f8ad3ba0acd1e08727dd88dbc662e.tar.gz gentoo-2-6f29a062629f8ad3ba0acd1e08727dd88dbc662e.tar.bz2 gentoo-2-6f29a062629f8ad3ba0acd1e08727dd88dbc662e.zip | |
Make sure /var/lib/iptables/rules-saves is only read/writable by root #91468 by eromang.
(Portage version: 2.0.51.21)
Diffstat (limited to 'net-firewall/iptables/files')
| -rw-r--r-- | net-firewall/iptables/files/digest-iptables-1.3.1-r4 (renamed from net-firewall/iptables/files/digest-iptables-1.3.1-r3) | 0 | ||||
| -rw-r--r-- | net-firewall/iptables/files/iptables-1.2.9-r1.init | 7 | ||||
| -rw-r--r-- | net-firewall/iptables/files/iptables.init | 7 |
3 files changed, 10 insertions, 4 deletions
diff --git a/net-firewall/iptables/files/digest-iptables-1.3.1-r3 b/net-firewall/iptables/files/digest-iptables-1.3.1-r4 index 2cd860dcf77a..2cd860dcf77a 100644 --- a/net-firewall/iptables/files/digest-iptables-1.3.1-r3 +++ b/net-firewall/iptables/files/digest-iptables-1.3.1-r4 diff --git a/net-firewall/iptables/files/iptables-1.2.9-r1.init b/net-firewall/iptables/files/iptables-1.2.9-r1.init index 9c96a242f0c9..436401d525c9 100644 --- a/net-firewall/iptables/files/iptables-1.2.9-r1.init +++ b/net-firewall/iptables/files/iptables-1.2.9-r1.init @@ -1,7 +1,7 @@ #!/sbin/runscript # Copyright 1999-2005 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-firewall/iptables/files/iptables-1.2.9-r1.init,v 1.4 2005/04/25 00:27:47 vapier Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-firewall/iptables/files/iptables-1.2.9-r1.init,v 1.5 2005/05/05 01:27:29 vapier Exp $ opts="save reload" @@ -67,7 +67,10 @@ reload() { } save() { + local ret ebegin "Saving iptables state" /sbin/iptables-save ${SAVE_RESTORE_OPTIONS} > ${IPTABLES_SAVE} - eend $? + ret=$? + chmod 0600 ${IPTABLES_SAVE} + eend ${ret} } diff --git a/net-firewall/iptables/files/iptables.init b/net-firewall/iptables/files/iptables.init index cc9e49950f74..41dec2e69c78 100644 --- a/net-firewall/iptables/files/iptables.init +++ b/net-firewall/iptables/files/iptables.init @@ -1,7 +1,7 @@ #!/sbin/runscript # Copyright 1999-2005 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-firewall/iptables/files/iptables.init,v 1.5 2005/04/25 00:27:47 vapier Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-firewall/iptables/files/iptables.init,v 1.6 2005/05/05 01:27:29 vapier Exp $ opts="save reload" @@ -74,7 +74,10 @@ reload() { } save() { + local ret ebegin "Saving iptables state" /sbin/iptables-save ${SAVE_RESTORE_OPTIONS} > ${IPTABLES_SAVE} - eend $? + ret=$? + chmod 0600 ${IPTABLES_SAVE} + eend ${ret} } |