Bug#798043: lives: creates (and uses) world-writeable directory
Hi, On 01/10/16 07:23, salsaman wrote: > James, I was wondering what action should be taken regarding > directory/subdirectory permissions for existing users. The options I can > think of (from simplest to most complex): a) do nothing, only new users > get the benefit. b) add a note in Release Notes informing users how to > update the directory permissions manually, or c) Show a one time pop-up > when LiVES is upgraded asking the user if they want the program to > update permissions for the working directory for them, and if they click > Yes, do the update for them. > > Which of the options do you recommend ? Sorry for not replying sooner - I've been quite busy recently! I think c is the nicest solution for users so if you're prepared to implement it, that would be the best solution. Adding something to the release notes and possibly the debian/NEWS file is probably OK if not. I think we need to tell users somehow, so not option a :) Thanks, James signature.asc Description: OpenPGP digital signature
Bug#798043: lives: creates (and uses) world-writeable directory
James, I was wondering what action should be taken regarding directory/subdirectory permissions for existing users. The options I can think of (from simplest to most complex): a) do nothing, only new users get the benefit. b) add a note in Release Notes informing users how to update the directory permissions manually, or c) Show a one time pop-up when LiVES is upgraded asking the user if they want the program to update permissions for the working directory for them, and if they click Yes, do the update for them. Which of the options do you recommend ?
Bug#798043: lives: creates (and uses) world-writeable directory
Package: lives Version: 2.4.0~ds0-1+b1 Severity: important Dear Maintainer, simply starting `lives` will create a new directory `~/livestmp` (in my home), which is world read and writeable. i think this is an absolte no-go. $ cd ~ $ rm -rf .lives* livestmp $ lives [...] $ ls -lhan livestmp/ total 8.0K drwxrwxrwx 2 1000 1000 4.0K Sep 4 20:35 . drwxr-xr-x 100 1000 1000 4.0K Sep 4 20:35 .. $ i would expect any newly created directories to obey (at least) my umask settings. furthermore: i really hate it, if applications clutter my home-directory with automatically created directories. now lives has already a wizard that asks me which directory i want to use as a scratch-dir, but it does so after ~/livestmp has been created... mfdasr IOhannes -- System Information: Debian Release: stretch/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.1.0-2-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages lives depends on: ii frei0r-plugins1.4-3+b1 ii imagemagick 8:6.8.9.9-5.1+b1 ii libasound21.0.29-1 ii libatk1.0-0 2.16.0-2 ii libavc1394-0 0.5.4-2 ii libavutil-ffmpeg547:2.7.2-2+b1 ii libc6 2.19-19 ii libcairo-gobject2 1.14.2-2 ii libcairo2 1.14.2-2 ii libgdk-pixbuf2.0-02.31.5-1 ii libglib2.0-0 2.44.1-1.1 ii libgtk-3-03.16.6-1 ii libjack-jackd2-0 [libjack-0.116] 1.9.10+20150825git1ed50c92~dfsg-1 ii libmjpegutils-2.1-0 1:2.1.0+debian-3 ii libpango-1.0-01.36.8-3 ii libpangocairo-1.0-0 1.36.8-3 ii libpng12-01.2.50-2+b2 ii libpulse0 6.0-5 ii libraw1394-11 2.1.1-1 ii libswscale-ffmpeg37:2.7.2-2+b1 ii libunicap20.9.12-2 ii libweed0 2.4.0~ds0-1+b1 ii libx11-6 2:1.6.3-1 ii lives-data2.4.0~ds0-1 ii lives-plugins 2.4.0~ds0-1+b1 ii mplayer2 [mplayer]2.0-728-g2c378c7-4+b2 ii ogmtools 1:1.5-3+b2 ii perl 5.20.2-6 ii procps2:3.3.10-2 ii python2.7.9-1 ii sox 14.4.1-5 Versions of packages lives recommends: ii dvgrab 3.5-2+b3 ii icedax 9:1.1.11-3 ii libogg01.3.2-1 ii libtheora-bin 1.1.1+dfsg.1-6 ii libtheora0 1.1.1+dfsg.1-6 ii mencoder 2:1.1.1+svn37434-1 ii mkvtoolnix 8.3.0-1 ii pulseaudio 6.0-5 ii x11-utils 7.7+3 ii youtube-dl 2015.06.04.1-1 Versions of packages lives suggests: ii libdv-bin 1.0.0-6 ii mjpegtools 1:2.1.0+debian-3 -- no debconf information