Created attachment 161173 [details]
Patch for 
- Fix build from plain user; don'r set set[ug]id bits from install, set them via plist 
- Plist should be revisited: only directories/files which are intended to be modified by ecartis process should be owned by ecartis:ecartis. Otherwise it's a security problem.
Approved by maintainer.
A commit references this bug:
Date: Thu Oct 1 17:31:34 UTC 2015
New revision: 398374
- Fix build from plain user; don'r set set[ug]id bits from install, set them via plist
Submitted by: amdmi3
Approved by: email@example.com (maintainer)
Patch committed, but you still need to fix plist: only directories or files which need to be writable should be owned by ecartis.
Any news on this?
Yes, the entire /usr/local/ecartis directory structure needs to be owned by the ecartis user as ecartis is currently written. It is a matter for upstream (which I also am, but this is significantly lower on the priority list than some other issues).