[Lustre-devel] Unsafe directory modes in lustre-source RPMs
Benjamin Bennett
ben at psc.edu
Mon Jun 23 20:11:02 PDT 2008
lustre.spec uses 'make distdir ...' to setup the source tree which will
be packaged into the lustre-source rpm.
Automake sets all directories in the distdir tree to mode 777
(world-writable, search for "brain-dead tar" in
/usr/share/automake-1.7/am/distdir.am).
These modes are kept in rpm packaging, and once the rpm is installed
/usr/src/lustre-${version} and its descendant directories will be mode
777 (world-writable).
This can be seen in the release rpms, and those generated from cvs, with
a command such as:
$ rpm -qlp --dump lustre-source.rpm | \
awk '{if ($5 ~ "^04") print $5,$1}'
This is obviously less than ideal for any system with unprivileged
users. I've added a find setting the directory modes to 755 just after
the make distdir (see patch). Please let me know if there's any reason
this can't be committed.
thanks,
--ben
-------------- next part --------------
A non-text attachment was scrubbed...
Name: lustre-source-fix-unsafe-dir-modes.patch
Type: text/x-patch
Size: 557 bytes
Desc: not available
URL: <http://lists.lustre.org/pipermail/lustre-devel-lustre.org/attachments/20080623/b7b54cb4/attachment.bin>
More information about the lustre-devel
mailing list