Reduced root directory privileges (#15147)

#### Why I did it
Reduced root directory privileges

#### How I did it
During build_debian - called chroot to reduce root directory and its subdirectories privileges to 744
#### How to verify it
After image build and upgrade - check /root privileges by calling "ls -a /root"

#### Description for the changelog
reduced /root directory privileges
This commit is contained in:
ycoheNvidia 2023-07-16 21:06:29 +03:00 committed by GitHub
parent c970ee0f42
commit 05bbf72c86
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -786,6 +786,9 @@ sudo cp files/image_config/resolv-config/resolv.conf.head $FILESYSTEM_ROOT/etc/r
sudo mksquashfs $FILESYSTEM_ROOT $FILESYSTEM_SQUASHFS -comp zstd -b 1M -e boot -e var/lib/docker -e $PLATFORM_DIR
## Reduce /boot permission
sudo chmod -R go-wx $FILESYSTEM_ROOT/boot
# Ensure admin gid is 1000
gid_user=$(sudo LANG=C chroot $FILESYSTEM_ROOT id -g $USERNAME) || gid_user="none"
if [ "${gid_user}" != "1000" ]; then