Bug#167422: files in /usr/share should be world-readable

To: swift@alum.mit.edu, 167422@bugs.debian.org
Subject: Bug#167422: files in /usr/share should be world-readable
From: "James R. Van Zandt" <jrv@vanzandt.mv.com>
Date: Fri, 8 Nov 2002 21:15:09 -0500 (EST)
Message-id: <[🔎] m18AL9R-000139C@vanzandt.mv.com>
Reply-to: "James R. Van Zandt" <jrv@vanzandt.mv.com>, 167422@bugs.debian.org

Matt Swift <swift@alum.mit.edu> writes:
...
>In the source package, the file ./debian/PVER-elisp.install.in
>contains the lines:
>
>    ELCDIR=/usr/share/$FLAVOR/site-lisp/$PACKAGE
>         [...]
>    LOG=`tempfile`
>         [...]
>    $FLAVOR $BATCHFLAGS $PRELOADS $COMPILE >>$LOG 2>&1
>         [...]
>    mv -f $LOG $ELCDIR/install.log
>
>The default mode of a file created by "tempfile" is 600 -- this is
>how the file with the inappropriate mode is first created.

However, I think substituting

      LOG=`tempfile -m 644`

would introduce a security bug.

Instead, I propose that

      chmod 644 $ELCDIR/install.log

should be appended.

		- Jim Van Zandt

Reply to:

Follow-Ups:
- Bug#167422: files in /usr/share should be world-readable
  - From: Santiago Vila <sanvila@unex.es>
- Bug#167422: files in /usr/share should be world-readable
  - From: Julian Gilbey <jdg@polya.uklinux.net>

Prev by Date: Re: Bug#167425: debian-policy: package should not depend on fileutils
Next by Date: Bug#167422: files in /usr/share should be world-readable
Previous by thread: Bug#167422: files in /usr/share should be world-readable
Next by thread: Bug#167422: files in /usr/share should be world-readable
Index(es):
- Date
- Thread