From 98fbf138b9cf5e9ee256077b691cbf8e145837c4 Mon Sep 17 00:00:00 2001
From: Qiumiao Zhang <zhangqiumiao1@huawei.com>
Date: Mon, 19 Dec 2022 10:56:44 +0800
Subject: [PATCH] remove the executable permission of non root users from hook
 scripts

Signed-off-by: Qiumiao Zhang <zhangqiumiao1@huawei.com>
---
 ...table-permission-of-non-root-users-f.patch | 26 +++++++++++++++++++
 install-scripts.spec                          |  9 ++++++-
 2 files changed, 34 insertions(+), 1 deletion(-)
 create mode 100644 0003-remove-the-executable-permission-of-non-root-users-f.patch

diff --git a/0003-remove-the-executable-permission-of-non-root-users-f.patch b/0003-remove-the-executable-permission-of-non-root-users-f.patch
new file mode 100644
index 0000000..6da583f
--- /dev/null
+++ b/0003-remove-the-executable-permission-of-non-root-users-f.patch
@@ -0,0 +1,26 @@
+From 2aa0a7ccd957307f098b4a36e4e55a37d512204a Mon Sep 17 00:00:00 2001
+From: Qiumiao Zhang <zhangqiumiao1@huawei.com>
+Date: Mon, 19 Dec 2022 10:43:12 +0800
+Subject: [PATCH] remove the executable permission of non root users from hook
+ scripts
+
+Signed-off-by: Qiumiao Zhang <zhangqiumiao1@huawei.com>
+---
+ usr/Euler/project/util/CommonFunction | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/usr/Euler/project/util/CommonFunction b/usr/Euler/project/util/CommonFunction
+index b10dc7e..3527af6 100644
+--- a/usr/Euler/project/util/CommonFunction
++++ b/usr/Euler/project/util/CommonFunction
+@@ -75,6 +75,7 @@ function INIT_Execute_Hook()
+                 fi
+             fi
+         done
++    chmod g-x,o-x ${hookdir}/S* > /dev/null 2>&1
+     fi
+ 
+     if [ "x${installbreak}" == "x${hookbase}" ]; then
+-- 
+2.27.0
+
diff --git a/install-scripts.spec b/install-scripts.spec
index 1d5fdaa..4bf0775 100644
--- a/install-scripts.spec
+++ b/install-scripts.spec
@@ -3,7 +3,7 @@ Summary:        scripts for system installation
 Group:          Applications/System
 License:        MulanPSL-2.0
 Version:        1.2
-Release:        4
+Release:        5
 SOURCE0:        %{name}-%{version}.tar.gz
 
 Patch0001: 0001-add-support-for-nvme-disk.patch
@@ -102,6 +102,13 @@ rm -rf %{_tmppath}/%{name}-%{version}
 rm -rf $RPM_BUILD_DIR/%{name}-%{version}
 
 %changelog
+* Mon Dec 19 2022 zhangqiumiao <zhangqiumiao1@huawei.com> - 1.2-5
+- Type:bugfix
+- CVE:NA
+- SUG:NA
+- DESC:after executing hook scripts, remove their executable permission
+       of non root users
+
 * Sat Nov 5 2022 zhangqiumiao <zhangqiumiao1@huawei.com> - 1.2-4
 - Type:requirement
 - CVE:NA
-- 
Gitee