Bug 203665
| Summary: | news/diablo: plist, permission problems | ||||||
|---|---|---|---|---|---|---|---|
| Product: | Ports & Packages | Reporter: | Dmitry Marakasov <amdmi3> | ||||
| Component: | Individual Port(s) | Assignee: | Dmitry Marakasov <amdmi3> | ||||
| Status: | Closed FIXED | ||||||
| Severity: | Affects Many People | CC: | lifanov | ||||
| Priority: | --- | Flags: | bugzilla:
maintainer-feedback?
(lifanov) |
||||
| Version: | Latest | ||||||
| Hardware: | Any | ||||||
| OS: | Any | ||||||
| Attachments: |
|
||||||
Thank you for improvements! I approve the patch. You are right about it being odd that the entire news/ is writable. Unfortunately, this is a common pattern for nntp software since the beginning. If you install news/inn, for example, it also has binaries under news/ and expects other subdirectories to be writable by news. I am looking at a CentOS package for Diablo that does the same thing. I would be hesitant to change permissions under the news directory because it can break custom workflows for users of the port in subtle ways. A commit references this bug: Author: amdmi3 Date: Mon Oct 12 17:34:44 UTC 2015 New revision: 399143 URL: https://svnweb.freebsd.org/changeset/ports/399143 Log: - Add missing directories to plist, fixing stage-qa - Silence patching - Switch to options helpers PR: 203665 Submitted by: amdmi3 Approved by: lifanov@mail.lifanov.com (maintainer) Changes: head/news/diablo/Makefile head/news/diablo/pkg-plist |
Created attachment 161864 [details] Patch - Add missing directories to plist, fixing stage-qa - Silence patching - Switch to options helpers. There are problems this patch doesn'r fix though: for some reason binaries and samples are writable by news. This is incorrect and is a security issue. Not sure if files directly under news/ should be writable - that should be checked.