[Bug 283110] freebsd-update IDS vs. installed permissions for kernels (444 vs 555)

From: <bugzilla-noreply_at_freebsd.org>
Date: Wed, 11 Dec 2024 15:50:09 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=283110

--- Comment #11 from wbe@psr.com ---
My current thinking is that a suitable solution would be to add to
freebsd-update something simple like:

$ if stat /boot/kernel/kernel | fgrep -e 'r-xr-xr-x' >/dev/null; then
  echo 'FreeBSD recommends removing execute permission from the files in
/boot/kernel/.'
  echo 'Doing so is backward compatible with previous versions.'
  if continuep(); then
    chmod -x /boot/kernel/*
  fi
fi

Someone please confirm that "compatible with previous versions" is correct, or
change it to "with version # or later."

-- 
You are receiving this mail because:
You are the assignee for the bug.