Re: Linux kernel source archive vulnerable

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, Sep 12, 2006 at 01:06:37AM -0400, Kyle Moffett wrote:
> On Sep 11, 2006, at 14:29:58, Jon Lewis wrote:
> >On Fri, 8 Sep 2006, Perego Paolo Franco wrote:
> >
> >>Anyway just few considerations:
> >>2) a good sysadmin is aware that /usr/src is NOT supposed to be  
> >>world writable
> >
> >For some reason (bug in how they're being checked out of git, I  
> >assume), the latest kernel source tar files have all files and  
> >directories world writable.  This is not how it's been in the past  
> >and is not how it should be.
> 
> -ENOBUG
> 
> Please see these threads and quit bringing up this topic like crazy:
> http://marc.theaimsgroup.com/?l=linux-kernel&m=113304241100330&w=2
> http://marc.theaimsgroup.com/?l=linux-kernel&m=114635639325551&w=2

BTW, since git 1.4.2, it's possible to specify "umask=022" in the [tar]
section of the repo config to bring back the old behaviour. Maybe it
would be a good idea to use it on Linus' side to make everyone happy ?

Regards,
Willy

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Stuff]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]     [Linux Resources]
  Powered by Linux