[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: CVS commit: pkgsrc/mk
On Tue, Nov 03, 2009 at 05:33:56PM +0100, Joerg Sonnenberger wrote:
> On Tue, Nov 03, 2009 at 08:33:45AM +0100, Bernd Ernesti wrote:
> > On Tue, Nov 03, 2009 at 02:14:32AM +0000, Joerg Sonnenberger wrote:
> > > Module Name: pkgsrc
> > > Committed By: joerg
> > > Date: Tue Nov 3 02:14:32 UTC 2009
> > >
> > > Modified Files:
> > > pkgsrc/mk: bsd.pkg.mk
> > >
> > > Log Message:
> > > Create the work directory itself with umask 077 to prevent access to
> > > files with broken permissions (e.g. world-writable files).
> > Hmm, will this still work when you build the package a normal user and
> > then install it as root?
> Root can always access directories with 700.
No, there are some instances when that won't work, but they are
corner cases. The Solaris support was written on a network with
NIS+, and your assumption above does not always hold for that.
Main Index |
Thread Index |