On Jan 28, 2012, at 20:22 , Philip M. Gollucci wrote: > On 1/28/12 1:52 AM, Tilman Keskinöz wrote: >> If there is no reason, the port should be either fixed, or the commit backed >> out! > This is not a unique problem among gems. Lots of them screw up umasks on > install. Some too restrictive, some overly lax.
The committer committing the patch is responsible for testing the port for screw ups. No port should install world-writable scripts or executables. This is a security issue. Again i ask you to fix the port or backout your commit. In the old days, Kris processed the pointyhat logs for these issues[1]. Maybe someone with access to the pointyhat logs can do this again? Also how about introducing a Makefile variable "WORLDWRITABLE_FILES" for the highscore files and aborting the install if a file is not mentioned in this variable. [1] e.g. http://lists.freebsd.org/pipermail/freebsd-ports/2006-September/035115.html_______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/cvs-all To unsubscribe, send any mail to "[email protected]"
