Menu
▾
▴
#145 world readable build trees
Some software that fink downloads, when untarred, has
permission 0750 directories despite being publicly available
on web servers. This oversight is inconvenient when
packages, such as gtk-perl, fail to build properly.
The maintainer of said package suggested this should be a
fink-wide change, if adopted at all, even though a minority
of upstream tarballs have this problem.
If it is not too much trouble, I'd appreciate it if you'd add
"chmod -R a+rX ." to Fink/PkgVersion.pm line 1144 (or
wherever it has the right effect after untar). I think it
should reduce the frustration involved with debugging
failed builds and should not have any bad side effects.
This request, of course, assumes that you're not planning on
modifying fink to run the unpack and build step as the non-
root user, which would also solve the problem but probably
be harder to implement.
thanks,
-neil
Logged In: YES
user_id=535292
On a similar theme, some tarballs unpack with random
ownership. This is potentially a security problem.
Logged In: YES
user_id=535292
I just added '--no-same-owner --no-same-permissions', so
permissions should now be world-readable.
Logged In: YES
user_id=535292
Actually, looks like there's some weird umask inheritance
issue, so re-opening until I get around to doing a proper
chmod or setting umask ourselves.