Actions
Bug #1227
closeddownloadable tar.gz has the wrong permissions on it's directories
ASK QUESTIONS IN Forums:
Description
The downloadable tar.gz of the source of lighttpd 1.4.15 (and 1.4.13) has world writable directories in it. This could be a security flaw on a shared machine as someone could pollute the source before it was built.
-- lighttpd
Updated by admin over 17 years ago
Part of the problem is that you/tar is depending on the permissions in the .tar while there's no need to depend on them.
Updated by stbuehler over 16 years ago
- Status changed from New to Fixed
- Resolution set to invalid
Use a sane umask (like 0022) and there shouldn't be any problems. It is automakes fault anyway :)
Actions
Also available in: Atom