-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 2014-12-01 15:36, Werner Flamme wrote:
Carlos E. R. [01.12.2014 15:08]:
So the important thing to look for is that 'MNT'. It is created this way:
Yes, and so on, but I'd like not to modify the scripts themselves, since they are overwritten with every update of the package, even when it's caused by an automatic rebuild, and only the last cipher has increased.
You can wait months for an update with this modification. Even for next release cycle... You could add a cron job that emails you when the script has been replaced or modified, so that you can reconsider edit it back again. You can even email yourself the diff, and perhaps just replace with your copy. Or automatically undo the changes and store the update in quarantine, for your manual consideration. I don't think there are many upstream changes, though — at least, not on openSUSE. Maybe SLES is different :-? I don't see any other immediate solution for that grin ;-)
[..]
Here it produces:
/dev/ / /usr /boot /home /home_aux /home1 /opt /data/storage_d /data/storage_b /usr/src /usr/local /data/homedvl /data/vmware ...
I wonder about "/dev/" and "/".
I sure want security checks in those places :)
Well, dev yes, but not root, because it is everything, including your backup. All the directories on the first level are printed in that command output, so "/" is not needed, unless it means just "/", not its directories.
The part "/bin/mount | grep -E "^/dev/" | cut -d' ' -f 3" delivers all the mount points for the currently mounted filesystems. / is obviously mounted, 'xargs echo "/dev/"' adds the /dev/ entry :)
Ah, right. - -- Cheers / Saludos, Carlos E. R. (from 13.1 x86_64 "Bottle" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) iEYEARECAAYFAlR8g+cACgkQtTMYHG2NR9Wi3QCgkZxL0f8fI4hCcbs6UGsbNYKE 2noAnR/g8H/iSDxPQFSU2vocR/TbBtiO =65Iz -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-security+owner@opensuse.org