make /var/{run, lock, state} not world writable (0755)

since commit be950c5e56b86509e1e237931d0ac8203372be82 (09/03/2013)
/var/{run,lock,state} are world writable (0777) which is a security issue
before that they were created by /etc/init.d/boot with normal
permissions (0755), so revert to that state

Signed-off-by: Etienne CHAMPETIER <champetier.etienne@gmail.com>

diff --git a/initd/early.c b/initd/early.c
index accfc1dce54c488e5cb4ab82eb9922c76b7c8a89..bf519f615528033e5017534ed700862c7b66e55d 100644 (file)
--- a/initd/early.c
+++ b/initd/early.c
@@ -73,9 +73,9 @@ early_mounts(void)
                mount("tmpfs", "/tmp/shm", "tmpfs", MS_NOSUID | MS_NODEV | MS_NOATIME,
                                "mode=01777");
        }
-       mkdir("/tmp/run", 0777);
-       mkdir("/tmp/lock", 0777);
-       mkdir("/tmp/state", 0777);
+       mkdir("/tmp/run", 0755);
+       mkdir("/tmp/lock", 0755);
+       mkdir("/tmp/state", 0755);
        umask(oldumask);
 }