Re: permissions on installed files

[Ludovic Brenta <ludovic@ludovic-brenta.org>]

Nicolas Boulenguez writes:
> On Fri, Aug 30, 2013 at 11:05:24AM +0200, Eugeniy Meshcheryakov wrote:
>
>> > The policy does says that ALI files must be installed "r--r--r--".
>
>> > I hardly understand the practical difference with "rw-r--r--", the
>> > common practice for /usr/. The root user can circumvent the
>> > permissions anyway. If we want to warn him that he should not modify
>> > *.ali, why do we let him modify the sources or the compilation options
>> > in the project, invalidating the ali files and causing the same kind
>> > of problems?
>> >
>> The problem is that if GCC is run as root it could try to recompile
>> library files and change those ali files. It does not happen if those
>> files are read-only.
>
> Gnat will only try to recompile when the sources (or compilation
> options with -s) have changed. Marking the sources read-only too would
> prevent the problem sooner and display more meaningful warnings.
>
> Simple curiosity, when does GCC need to be run as root?

IIRC, gnatmake requires an object file to be present for the .ali file
if the permissions of the .ali file are anything different from
r--r--r--, i.e. it will automatically recompile the sources if the .ali
file permissions are rw-r--r--.

The Policy says that no object files must be present in the ALI
directory.  The object files are lumped together into the shared and
static libraries.

-- 
Ludovic Brenta.