Date: Wed, 15 Jun 2016 14:07:28 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-ports-bugs@FreeBSD.org Subject: [Bug 197129] games/scid: vulnerable files with mode 666 below /usr/local/share/scid/books Message-ID: <bug-197129-13-jMow6odjcF@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-197129-13@https.bugs.freebsd.org/bugzilla/> References: <bug-197129-13@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D197129 Friedrich Volkmann <bsd@volki.at> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #171462| |maintainer-approval+ Flags| | --- Comment #6 from Friedrich Volkmann <bsd@volki.at> --- Created attachment 171462 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D171462&action= =3Dedit patch removing hardcoded file permissions @Vladimir Krstulja: Yes and yes. It works as expected, but requires a fix f= or (theoretical) security reasons. I just followed John Marino's suggestion to use INSTALL_* macros. Unfortunately, some useful macros such as MKDIR and COPYTREE_SHARE are not exported, so we have to stick to literal install -d or mkdir for directorie= s, and the "find" command in the makefile looks ugly. Of course we could move = the file copying and directory creation to a do-install section in games/scid/Makefile (where we could use all of the macros), but that would = be even more difficult to maintain. So here's my patch, please check out if I did it right and if everything is still working. --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-197129-13-jMow6odjcF>