Arch Linux

xyzzyx

Member

Registered: 2015-03-05

Posts: 1

/run/initramfs/usr/bin/cache_ world writable

Hi all,

while doing some analysis I found following binaries in /run/initramfs that are world writable:

-rwxrwxrwx 1 root root 1388376 Feb 23 17:02 /run/initramfs/usr/bin/cache_check
-rwxrwxrwx 1 root root 1388376 Feb 23 17:02 /run/initramfs/usr/bin/cache_dump
-rwxrwxrwx 1 root root 1388376 Feb 23 17:02 /run/initramfs/usr/bin/cache_metadata_size
-rwxrwxrwx 1 root root 1388376 Feb 23 17:02 /run/initramfs/usr/bin/cache_repair
-rwxrwxrwx 1 root root 1388376 Feb 23 17:02 /run/initramfs/usr/bin/cache_restore

As far as I can see they belong to https://www.archlinux.org/packages/core … ing-tools/

Isn't this a possible security threat? For instance if something modifies those binaries (during boot) before they are executed by another user?

Thanks & regards!