Bug 229678 - cad/fritzing: world writable files in /usr/local/share/fritzing
Summary: cad/fritzing: world writable files in /usr/local/share/fritzing
Status: New
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Many People
Assignee: Rene Ladan
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2018-07-10 18:32 UTC by Leon Dietrich
Modified: 2020-07-23 17:31 UTC (History)
4 users (show)

See Also:
bugzilla: maintainer-feedback? (lenzi.sergio)


Attachments
svn-diff-fritzing (415 bytes, patch)
2019-08-14 13:39 UTC, Walter Schwarzenfeld
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Leon Dietrich 2018-07-10 18:32:58 UTC
The fritzing port includes many files inside the directory /usr/local/share/fritzing and other directories which are world writable and executable and some of them are binaries loaded by other users. This seams to unnecessary and implements a security risk.
Comment 1 Walter Schwarzenfeld freebsd_triage 2019-08-14 13:39:55 UTC
Created attachment 206537 [details]
svn-diff-fritzing
Comment 2 Rene Ladan freebsd_committer 2020-07-23 17:31:06 UTC
The suggested patch does not improve this situation much? It still leaves files group writable (why?). There are some Python files which we probably want to be executable, but the rest can indeed be non-executable.