DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://nagoya.apache.org/bugzilla/show_bug.cgi?id=8683>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=8683 Insecure file permissions - make install Summary: Insecure file permissions - make install Product: Apache httpd-1.3 Version: 1.3.24 Platform: PC OS/Version: Linux Status: NEW Severity: Normal Priority: Other Component: Build AssignedTo: [email protected] ReportedBy: [EMAIL PROTECTED] When you run "make install" as root and it gets to this part: Copying tree ./htdocs/manual -> /usr/local/apache/htdocs/manual/ Copying tree ./icons/ -> /usr/local/apache/icons/ the files it copies have a user and group id of 1078 -- the id's the files in the tar archive had. This isn't really secure because whichever user happens to have an id of 1078 can write to the files. When installed as root, I think all installed files should have a user and group id of 0.
