Bug #1227: downloadable tar.gz has the wrong permissions on it's directories - Lighttpd - lighty labs

Actions

Copy link

Bug #1227

closed

downloadable tar.gz has the wrong permissions on it's directories

Added by Anonymous over 17 years ago. Updated about 16 years ago.

Status:

Invalid

Priority:

Normal

Category:

core

Target version:

1.5.0

ASK QUESTIONS IN Forums:

Description

The downloadable tar.gz of the source of lighttpd 1.4.15 (and 1.4.13) has world writable directories in it. This could be a security flaw on a shared machine as someone could pollute the source before it was built.

-- lighttpd

Actions

Copy link

Updated by admin over 17 years ago

Part of the problem is that you/tar is depending on the permissions in the .tar while there's no need to depend on them.

Actions

Copy link

Updated by darix over 17 years ago

what umask do you have?

Actions

Copy link

Updated by stbuehler about 16 years ago

Status changed from New to Fixed
Resolution set to invalid

Use a sane umask (like 0022) and there shouldn't be any problems. It is automakes fault anyway :)

Actions

Copy link

Updated by stbuehler about 16 years ago

Status changed from Fixed to Invalid

Actions

Copy link

Also available in: Atom

Project

General

Profile

Lighttpd

Custom queries

Bug #1227

downloadable tar.gz has the wrong permissions on it's directories

Updated by admin over 17 years ago

Updated by darix over 17 years ago

Updated by stbuehler about 16 years ago

Updated by stbuehler about 16 years ago