Uploaded image for project: 'Maven Site Plugin'
  1. Maven Site Plugin
  2. MSITE-141

Possible security hole when deploying site

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Critical
    • Resolution: Fixed
    • 2.0-beta-5
    • 2.1
    • site:deploy
    • None
    • Linux gentoo 2.6.16 64bit, maven 2.0.2

    Description

      When the site is deployed into a directory /foo/bar, the following command is issued over a ssh:
      chmod -Rf g+w /foo/bar/
      it was intended to use g+r I presume?

      Attachments

        Issue Links

          is related to

          Bug - A problem which impairs or prevents the functions of the product. MSITE-330 Wagon nukes the permission bits of uploaded files.

          • Major - Major loss of function.
          • Closed
          relates to

          Bug - A problem which impairs or prevents the functions of the product. MSITE-396 Site Deployment with scpexe fails because of chmod exit code

          • Major - Major loss of function.
          • Closed
          supercedes

          Improvement - An improvement or enhancement to an existing feature or task. MSITE-30 site:deploy incompatibilities with m1.02

          • Major - Major loss of function.
          • Closed

          Activity

            People

              ltheussl Lukas Theussl
              vyzivus Martin Vysny
              Votes:
              2 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: