Date:      Sun, 29 Jan 2012 10:26:05 +0100
From:      Tilman Keskinöz <arved@arved.at>
To:        "Philip M. Gollucci" <pgollucci@taximagic.com>
Cc:        cvs-ports@FreeBSD.org, freebsd-ports@FreeBSD.org, cvs-all@FreeBSD.org, "Philip M. M. Gollucci" <pgollucci@gmail.com>, ports-committers@FreeBSD.org
Subject:   Re: [ports] cvs commit: ports/devel/rubygem-daemons Makefile distinfo
Message-ID:  <B7730587-5921-428E-B0EC-2EF07FE1EAB1@arved.at>
In-Reply-To: <4F244B0F.6050404@p6m7g8.com>
References:  <20111220051102.75CA6106574D@hub.freebsd.org> <4F22C453.9090107@arved.at> <4F22E142.4050706@p6m7g8.com> <8207A9DD-92C6-4CA5-846C-4B424843BA03@arved.at> <4F244B0F.6050404@p6m7g8.com>



On Jan 28, 2012, at 20:22 , Philip M. Gollucci wrote:

> On 1/28/12 1:52 AM, Tilman Keskinöz wrote:
>> If there is no reason, the port should be either fixed, or the commit backed out!
> This is not a unique problem among gems.  Lots of them screw up umasks on install.  Some too restrictive, some overly lax.

The committer committing the patch is responsible for testing the port for screw ups.

No port should install world-writable scripts or executables. This is a security issue. Again I ask you to fix the port or back out your commit.

In the old days, Kris processed the pointyhat logs for these issues[1]. Maybe someone with access to the pointyhat logs can do this again?

Also, how about introducing a Makefile variable "WORLDWRITABLE_FILES" for the highscore files and aborting the install if a file is not mentioned in this variable?

[1] e.g. http://lists.freebsd.org/pipermail/freebsd-ports/2006-September/035115.html
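
One way the check proposed in the message could look, as an added example that is not part of the original e-mail or of the ports framework: it scans a staged install tree for world-writable files and fails when one is not declared. WORLDWRITABLE_FILES is the variable name proposed above; the function names and the sample tree are constructed for illustration.

```shell
#!/bin/sh
# Added example. WORLDWRITABLE_FILES is the variable proposed in the message,
# not an existing ports knob; function names and sample paths are constructed.

# Print every world-writable regular file under $1 that is not named in the
# space-separated allowlist $2 (paths relative to $1).
# Returns 0 if there are none, 1 if any were found, 2 if $1 is not a directory.
check_world_writable() {
    root=$1
    allowed=$2
    [ -d "$root" ] || { echo "no such directory: $root" >&2; return 2; }
    offenders=$(
        cd "$root" &&
        # -perm -0002 matches any file with the "other write" bit set.
        find . -type f -perm -0002 -print | sed 's|^\./||' | sort |
        while IFS= read -r f; do
            case " $allowed " in
                *" $f "*) ;;                 # declared, e.g. a highscore file
                *) printf '%s\n' "$f" ;;     # undeclared: report it
            esac
        done
    )
    if [ -z "$offenders" ]; then
        return 0
    fi
    printf '%s\n' "$offenders"
    return 1
}

# Build a constructed staging tree: one lax script, one sane script,
# one highscore file that is meant to be world-writable.
make_sample_tree() {
    t=$(mktemp -d) || return 1
    mkdir -p "$t/bin" "$t/var/games"
    : > "$t/bin/daemon-tool";       chmod 0777 "$t/bin/daemon-tool"
    : > "$t/bin/ok-tool";           chmod 0755 "$t/bin/ok-tool"
    : > "$t/var/games/demo.scores"; chmod 0666 "$t/var/games/demo.scores"
    printf '%s\n' "$t"
}

# Demo: only the highscore file is declared, so bin/daemon-tool is reported.
tree=$(make_sample_tree)
WORLDWRITABLE_FILES="var/games/demo.scores"
if ! check_world_writable "$tree" "$WORLDWRITABLE_FILES"; then
    echo "undeclared world-writable files found; install would abort" >&2
fi
rm -rf "$tree"
```

The allowlist is matched on whole space-separated paths, so file names containing spaces cannot be declared in this form.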

