[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

patch for #623378



notfound 623378 0.5.6.pl00-2
reassign 623378 libburn
found 623378 0.8.0.pl00-2
fixed 1.0.4.pl00-1
tags 623378 + patch
thanks

The patch Thomas Schmitt referred to from here:

 http://libburnia-project.org/changeset/3537/libburn/trunk

is attached below in debdiff form (applies cleanly to 0.8.0.pl00-2), and
resolves the permissions of test.iso from the simple use case:

 rm -f test.iso
 umask 022
 mkdir test
 touch test/test
 xorriso -as mkisofs test -o test.iso

I propose this patch for the next stable release to resolve #623378.  If
that's OK, please let me know and i'll upload to proposed-updates.

Regards,

	--dkg
diff -u libburn-0.8.0.pl00/debian/changelog libburn-0.8.0.pl00/debian/changelog
--- libburn-0.8.0.pl00/debian/changelog
+++ libburn-0.8.0.pl00/debian/changelog
@@ -1,3 +1,10 @@
+libburn (0.8.0.pl00-2+squeeze1) stable; urgency=low
+
+  * Do not create images with overly-restrictive permissions
+    (Closes: #623378)
+
+ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net>  Tue, 19 Apr 2011 21:19:16 -0400
+
 libburn (0.8.0.pl00-2) unstable; urgency=low
 
   * Do not install gifs in the doc package, since newer doxygen
only in patch2:
unchanged:
--- libburn-0.8.0.pl00.orig/libburn/write.c
+++ libburn-0.8.0.pl00/libburn/write.c
@@ -2014,7 +2014,8 @@
 			 int sector_size, int flag)
 {
 
-/* <<< We need _LARGEFILE64_SOURCE defined by the build system.
+/* We normally need _LARGEFILE64_SOURCE defined by the build system.
+   Nevertheless the system might use large address integers by default.
 */
 #ifndef O_LARGEFILE
 #define O_LARGEFILE 0
@@ -2030,7 +2031,8 @@
 	if (fd >= 0)
 		fd = dup(fd); /* check validity and make closeable */
 	else
-		fd = open(d->devname, mode, S_IRUSR | S_IWUSR);
+		fd = open(d->devname, mode,
+                    S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP | S_IROTH | S_IWOTH);
 	if (fd == -1) {
 		libdax_msgs_submit(libdax_messenger, d->global_index,
 			0x00020005,

Attachment: signature.asc
Description: OpenPGP digital signature


Reply to: