Date: Sun, 29 Jan 2012 10:26:05 +0100
From: Tilman Keskinöz <arved@arved.at>
To: "Philip M. Gollucci" <pgollucci@taximagic.com>
Cc: cvs-ports@FreeBSD.org, freebsd-ports@FreeBSD.org, cvs-all@FreeBSD.org, "Philip M. M. Gollucci" <pgollucci@gmail.com>, ports-committers@FreeBSD.org
Subject: Re: [ports] cvs commit: ports/devel/rubygem-daemons Makefile distinfo
Message-ID: <B7730587-5921-428E-B0EC-2EF07FE1EAB1@arved.at>
In-Reply-To: <4F244B0F.6050404@p6m7g8.com>
References: <20111220051102.75CA6106574D@hub.freebsd.org> <4F22C453.9090107@arved.at> <4F22E142.4050706@p6m7g8.com> <8207A9DD-92C6-4CA5-846C-4B424843BA03@arved.at> <4F244B0F.6050404@p6m7g8.com>

On Jan 28, 2012, at 20:22 , Philip M. Gollucci wrote:

> On 1/28/12 1:52 AM, Tilman Keskinöz wrote:
>> If there is no reason, the port should be either fixed, or the commit backed out!
> This is not a unique problem among gems. Lots of them screw up umasks on install.
> Some too restrictive, some overly lax.

The committer committing the patch is responsible for testing the port for screw ups.

No port should install world-writable scripts or executables. This is a security issue.
Again I ask you to fix the port or back out your commit.

In the old days, Kris processed the pointyhat logs for these issues[1]. Maybe someone with access to the pointyhat logs can do this again?

Also how about introducing a Makefile variable "WORLDWRITABLE_FILES" for the highscore files and aborting the install if a file is not mentioned in this variable.

[1] e.g. http://lists.freebsd.org/pipermail/freebsd-ports/2006-September/035115.html
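
The check proposed in the message above, sketched as an added example (not part of the original e-mail and not code from the FreeBSD ports framework): scan a staged install tree for world-writable regular files and fail unless each one is allowlisted. Only the name WORLDWRITABLE_FILES comes from the message; the function names, the staging layout and the sample file names are assumptions.

```shell
#!/bin/sh
# Added illustration: abort when a staged tree contains world-writable
# files that are not explicitly allowlisted (the WORLDWRITABLE_FILES idea).

# list_world_writable DIR
# Print regular files under DIR that have the "other write" bit set, as
# sorted paths relative to DIR. Symlinks are not followed.
list_world_writable() {
    ( cd "$1" && find . -type f -perm -002 -print | sed 's|^\./||' | sort )
}

# check_world_writable DIR "ALLOWED ..."
# ALLOWED is a whitespace-separated list of paths relative to DIR.
# Returns 0 if every world-writable file is allowlisted, otherwise reports
# the offenders on stderr and returns 1.
check_world_writable() {
    allowed=$2
    bad=$(list_world_writable "$1" | while IFS= read -r f; do
        ok=0
        for a in $allowed; do
            if [ "$f" = "$a" ]; then ok=1; break; fi
        done
        if [ "$ok" -eq 0 ]; then printf '%s\n' "$f"; fi
    done)
    if [ -n "$bad" ]; then
        printf '%s\n' "$bad" | sed 's/^/not in WORLDWRITABLE_FILES: /' >&2
        return 1
    fi
    return 0
}

# make_sample_stage
# Build a constructed staging tree (file names are made up) and print its
# path: one script installed 0777 by mistake, one normal 0644 file, and one
# score file that is world-writable on purpose.
make_sample_stage() {
    d=$(mktemp -d) || return 1
    mkdir -p "$d/bin" "$d/lib" "$d/var/games"
    : > "$d/bin/daemon-ctl";   chmod 777 "$d/bin/daemon-ctl"
    : > "$d/lib/daemon.rb";    chmod 644 "$d/lib/daemon.rb"
    : > "$d/var/games/scores"; chmod 666 "$d/var/games/scores"
    printf '%s\n' "$d"
}
```

Calling `check_world_writable "$STAGE" "$WORLDWRITABLE_FILES"` as the last step of an install, and treating a non-zero status as fatal, gives the abort behaviour the message asks for.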