[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: world writable /usr/lib/libguile.so.6.0.0

There is a hardlink created after libguile.so.6.0.0 is installed:

[buildd@xia03(11:38am)-~/<1>failed/wxxt-1.67c]%dpkg -c /Debian/debian/dists/potato/main/binary-sparc/*/libguile6_*.deb | grep libguile.so
-rw-r--r-- root/root    578636 1999-11-16 22:50:02 ./usr/lib/libguile.so.6.0.0
lrwxrwxrwx root/root         0 1999-11-16 22:49:54 ./usr/lib/libguile.so.6 -> libguile.so.6.0.0
-rwxrwxrwx root/root         0 1999-11-16 22:49:54 ./usr/lib/libguile.so.3 link to ./usr/lib/libguile.so.6

So you will actuall find to files that are 777. In debian/rules we see
this:

#libguile
        mv $(inst_dir)/usr/lib/libguile.so.$(so_M).$(so_m).$(so_p) \
          $(l)/usr/lib/

        mv $(inst_dir)/usr/lib/libguile.so.$(so_M) $(l)/usr/lib/
        (cd  $(l)/usr/lib/ ; ln libguile.so.$(so_M) libguile.so.3 ) # create link

I suggest that be changed to "ln -s".

-- 
 -----------=======-=-======-=========-----------=====------------=-=------
/  Ben Collins  --  ...on that fantastic voyage...  --  Debian GNU/Linux   \
`     bcollins@debian.org  -  collinbm@djj.state.va.us  -  bmc@visi.net    '
 `---=========------=======-------------=-=-----=-===-======-------=--=---'
Reply to: