[Slackbuilds-users] Call for Bug Fixes, Patches, etc

Luís Fernando Carvalho Cavalheiro pessoal at profcavalheiro.com
Sun Mar 13 18:29:32 UTC 2016


Well, well... sudo is a example of piece of software (personally I call sudo "piece of cr..") that relies on strange permissions: /etc/sudoers needs to be at 440.

Em 13 de 03 de 2016 às 19:23:50T+0100, Andrzej Telszewski <atelszewski at gmail.com> escreveu:

> On 13/03/16 17:03, Erik Hanson wrote:
> > On Sun, 13 Mar 2016 16:28:36 +0100
> > Andrzej Telszewski <atelszewski at gmail.com> wrote:
> >  
> >> On 13/03/16 16:23, Erik Hanson wrote:  
> >>> On Sun, 13 Mar 2016 15:34:25 +0100
> >>> Johannes Schöpfer <johannes at schoepfer.info> wrote:
> >>>  
> >>>> It would be helpful If someone could name a single reallife
> >>>> example, where the chmod approach fails.  
> >>>
> >>> It changes permissions of 700 to 755, which is something the 'find'
> >>> lines don't do. The merits and circumstances behind this, or my
> >>> choice of 700 as an example, do not matter and do not deserve
> >>> debate. The fact is, it is undesired behavior.
> >>>
> >>>  
> >>
> >> I'd say it shouldn't be a problem if we change all the permissions to
> >> 755/644.  
> >
> > We shouldn't assume to know why developers do what they do, and they
> > may have some very specific reasons behind shipping some files with
> > certain permissions.
> >  
> >> It should be the job of _make install_ (or whatever else) to ensure
> >> the correct permissions of sensitive files.
> >>
> >> Or am I wrong? ;)  
> >
> > They may be build time requirements, we don't know. In any case, make
> > install wouldn't be aware that those permissions had been changed,
> > potentially resulting in a broken package.
> >
> >  
> 
> You're correct. For the moment I thought what the heck, extracting 
> tatball is going to modify the permissions, but...
> 
> With the default umask of 022, whatever the user permission bits are, 
> they are going to survive extraction.
> 
> So something like 700 will definitely stay intact.
> 
> Although I have yet to come across software that actually depends on 
> that behavior.
> 
> -- 
> Best regards,
> Andrzej Telszewski
> _______________________________________________
> SlackBuilds-users mailing list
> SlackBuilds-users at slackbuilds.org
> http://lists.slackbuilds.org/mailman/listinfo/slackbuilds-users
> Archives - http://lists.slackbuilds.org/pipermail/slackbuilds-users/
> FAQ - http://slackbuilds.org/faq/
> 


-- 
93 93/93
Luís Fernando Carvalho Cavalheiro
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: Assinatura digital OpenPGP
URL: <http://lists.slackbuilds.org/pipermail/slackbuilds-users/attachments/20160313/dcb54d95/attachment-0001.asc>


More information about the SlackBuilds-users mailing list