[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#7379: On the fix for CVE-2009-4029 Automake security fix for 'make d
|
From: |
Glenn Morris |
|
Subject: |
bug#7379: On the fix for CVE-2009-4029 Automake security fix for 'make dist*' |
|
Date: |
Thu, 11 Nov 2010 16:28:49 -0500 |
[ This was sent to "address@hidden", apparently an alias for
"bug-automake". Because debbugs was unaware of this, it was assigned
to the default package, debbugs itself. I have reassigned it to
automake and am resending this so it goes to the right list.
The alias (along with "automake-bugs?" has been added to debbugs for
the future. ]
Original message:
From: Behdad Esfahbod <address@hidden>
To: address@hidden
Subject: On the fix for CVE-2009-4029 Automake security fix for 'make dist*'
Date: Thu, 11 Nov 2010 16:17:22 -0500
Hi guys,
I recently read about the fix for the chmod 777 issue. Just wanted to note
that it may be preferred if you continue with chmod 777 and instead fix the
problem by moving the dist dir inside another direction that is 700.
The reason a 777 mod in the tarball may be preferred (or 775 for that matter,
but not 755) is for systems that users of a group are using sticky-bit on the
group to share writable files with eachother. By letting the umask decide
what bits should not be set you you enable such settings, whereas using 755,
the user expanding the tarball has to reset it to 775 or the rest of the group
cannot write to it.
Cheers,
behdad
- bug#7379: On the fix for CVE-2009-4029 Automake security fix for 'make dist*',
Glenn Morris <=