Uploaded image for project: 'serf'
  1. serf
  2. SERF-181

Source tarball file modes are group- and world-writable

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Open
    • Minor
    • Resolution: Unresolved
    • serf-1.3.9
    • None
    • None

    Description

      The modes of the files in the serf-1.3.9.tar.bz2 source tarball are all group- and world-writable. This is problematic if the tarball is extracted as root since many tar implementations will preserve the file modes even without the -p option, thus creating files that are group- and world-writable. It would be better if the file modes were not group- and world-writable in the tarball.

      % tar tjvf serf-1.3.9.tar.bz2
drwxrwxrwx  0 bert   bert        0 Aug 29  2016 serf-1.3.9/
-rw-rw-rw-  0 bert   bert    14372 Aug 29  2016 serf-1.3.9/CHANGES
-rw-rw-rw-  0 bert   bert    11357 Aug 26  2007 serf-1.3.9/LICENSE
-rw-rw-rw-  0 bert   bert      287 Sep 17  2015 serf-1.3.9/NOTICE
-rw-rw-rw-  0 bert   bert     2842 Sep 17  2015 serf-1.3.9/README
-rw-rw-rw-  0 bert   bert    17388 Sep 17  2015 serf-1.3.9/SConstruct
-rw-rw-rw-  0 bert   bert      520 Oct 17  2015 serf-1.3.9/STATUS
drwxrwxrwx  0 bert   bert        0 Aug 29  2016 serf-1.3.9/auth/
-rw-rw-rw-  0 bert   bert    16390 Sep 17  2015 serf-1.3.9/auth/auth.c
-rw-rw-rw-  0 bert   bert     6570 Sep 17  2015 serf-1.3.9/auth/auth.h
-rw-rw-rw-  0 bert   bert     6020 Sep 17  2015 serf-1.3.9/auth/auth_basic.c
-rw-rw-rw-  0 bert   bert    17883 Sep 17  2015 serf-1.3.9/auth/auth_digest.c
-rw-rw-rw-  0 bert   bert    23808 Sep 17  2015 serf-1.3.9/auth/auth_spnego.c
-rw-rw-rw-  0 bert   bert     4133 Sep 17  2015 serf-1.3.9/auth/auth_spnego.h
-rw-rw-rw-  0 bert   bert     8096 Sep 17  2015 serf-1.3.9/auth/auth_spnego_gss.c
-rw-rw-rw-  0 bert   bert     9296 Sep 17  2015 serf-1.3.9/auth/auth_spnego_sspi.c
drwxrwxrwx  0 bert   bert        0 Aug 29  2016 serf-1.3.9/buckets/
-rw-rw-rw-  0 bert   bert    14119 Sep 17  2015 serf-1.3.9/buckets/aggregate_buckets.c
-rw-rw-rw-  0 bert   bert    12238 Sep 17  2015 serf-1.3.9/buckets/allocator.c
-rw-rw-rw-  0 bert   bert     3371 Sep 17  2015 serf-1.3.9/buckets/barrier_buckets.c
-rw-rw-rw-  0 bert   bert    18434 Sep 17  2015 serf-1.3.9/buckets/buckets.c
-rw-rw-rw-  0 bert   bert    17625 Sep 17  2015 serf-1.3.9/buckets/bwtp_buckets.c
-rw-rw-rw-  0 bert   bert     7227 Sep 17  2015 serf-1.3.9/buckets/chunk_buckets.c
-rw-rw-rw-  0 bert   bert     6547 Sep 17  2015 serf-1.3.9/buckets/dechunk_buckets.c
-rw-rw-rw-  0 bert   bert    14904 Sep 17  2015 serf-1.3.9/buckets/deflate_buckets.c
-rw-rw-rw-  0 bert   bert     3939 Sep 17  2015 serf-1.3.9/buckets/file_buckets.c
-rw-rw-rw-  0 bert   bert    13282 Sep 17  2015 serf-1.3.9/buckets/headers_buckets.c
-rw-rw-rw-  0 bert   bert     5250 Sep 17  2015 serf-1.3.9/buckets/iovec_buckets.c
-rw-rw-rw-  0 bert   bert     3798 Sep 17  2015 serf-1.3.9/buckets/limit_buckets.c
-rw-rw-rw-  0 bert   bert     3900 Sep 17  2015 serf-1.3.9/buckets/mmap_buckets.c
-rw-rw-rw-  0 bert   bert     7747 Sep 17  2015 serf-1.3.9/buckets/request_buckets.c
-rw-rw-rw-  0 bert   bert     4223 Sep 17  2015 serf-1.3.9/buckets/response_body_buckets.c
-rw-rw-rw-  0 bert   bert    16027 Sep 17  2015 serf-1.3.9/buckets/response_buckets.c
-rw-rw-rw-  0 bert   bert     4686 Sep 17  2015 serf-1.3.9/buckets/simple_buckets.c
-rw-rw-rw-  0 bert   bert     3957 Sep 17  2015 serf-1.3.9/buckets/socket_buckets.c
-rw-rw-rw-  0 bert   bert    60398 Jun 30  2016 serf-1.3.9/buckets/ssl_buckets.c
drwxrwxrwx  0 bert   bert        0 Aug 29  2016 serf-1.3.9/build/
-rwxrwxrwx  0 bert   bert     2206 Sep 17  2015 serf-1.3.9/build/check.py
-rwxrwxrwx  0 bert   bert     2694 Sep 17  2015 serf-1.3.9/build/gen_def.py
-rw-rw-rw-  0 bert   bert      318 Oct  4  2013 serf-1.3.9/build/serf.pc.in
-rw-rw-rw-  0 bert   bert    11892 Oct 17  2015 serf-1.3.9/context.c
-rw-rw-rw-  0 bert   bert     5880 Aug 26  2007 serf-1.3.9/design-guide.txt
-rw-rw-rw-  0 bert   bert     4380 Sep 17  2015 serf-1.3.9/incoming.c
-rw-rw-rw-  0 bert   bert    58625 Oct 17  2015 serf-1.3.9/outgoing.c
-rw-rw-rw-  0 bert   bert    39346 Sep 17  2015 serf-1.3.9/serf.h
-rw-rw-rw-  0 bert   bert    21225 Sep 17  2015 serf-1.3.9/serf_bucket_types.h
-rw-rw-rw-  0 bert   bert     8787 Sep 17  2015 serf-1.3.9/serf_bucket_util.h
-rw-rw-rw-  0 bert   bert    15934 Sep 17  2015 serf-1.3.9/serf_private.h
-rw-rw-rw-  0 bert   bert     7291 Sep 17  2015 serf-1.3.9/ssltunnel.c
drwxrwxrwx  0 bert   bert        0 Aug 29  2016 serf-1.3.9/test/
-rw-rw-rw-  0 bert   bert     7485 Oct 12  2008 serf-1.3.9/test/CuTest-README.txt
-rw-rw-rw-  0 bert   bert    11273 Oct  4  2013 serf-1.3.9/test/CuTest.c
-rw-rw-rw-  0 bert   bert     6409 Jul 21  2013 serf-1.3.9/test/CuTest.h
-rw-rw-rw-  0 bert   bert    11135 Sep 17  2015 serf-1.3.9/test/mock_buckets.c
-rw-rw-rw-  0 bert   bert    20061 Sep 17  2015 serf-1.3.9/test/serf_bwtp.c
-rw-rw-rw-  0 bert   bert    21439 Sep 17  2015 serf-1.3.9/test/serf_get.c
-rw-rw-rw-  0 bert   bert     2521 Sep 17  2015 serf-1.3.9/test/serf_request.c
-rw-rw-rw-  0 bert   bert     4683 Sep 17  2015 serf-1.3.9/test/serf_response.c
-rw-rw-rw-  0 bert   bert     4120 Sep 17  2015 serf-1.3.9/test/serf_server.c
-rw-rw-rw-  0 bert   bert    25059 Sep 17  2015 serf-1.3.9/test/serf_spider.c
-rw-rw-rw-  0 bert   bert     3656 Mar 21  2008 serf-1.3.9/test/serftestca.pem
drwxrwxrwx  0 bert   bert        0 Aug 29  2016 serf-1.3.9/test/server/
-rw-rw-rw-  0 bert   bert     1489 Jun 30  2016 serf-1.3.9/test/server/serfcacert.pem
-rw-rw-rw-  0 bert   bert     3677 Jun 30  2016 serf-1.3.9/test/server/serfclientcert.p12
-rw-rw-rw-  0 bert   bert     1505 Jun 30  2016 serf-1.3.9/test/server/serfrootcacert.pem
-rw-rw-rw-  0 bert   bert     1371 Jun 30  2016 serf-1.3.9/test/server/serfserver_expired_cert.pem
-rw-rw-rw-  0 bert   bert     1371 Jun 30  2016 serf-1.3.9/test/server/serfserver_future_cert.pem
-rw-rw-rw-  0 bert   bert     1371 Jun 30  2016 serf-1.3.9/test/server/serfservercert.pem
-rw-rw-rw-  0 bert   bert     1834 Jun 30  2016 serf-1.3.9/test/server/serfserverkey.pem
-rw-rw-rw-  0 bert   bert    21996 Sep 17  2015 serf-1.3.9/test/server/test_server.c
-rw-rw-rw-  0 bert   bert     5259 Sep 17  2015 serf-1.3.9/test/server/test_server.h
-rw-rw-rw-  0 bert   bert    13854 Jun 30  2016 serf-1.3.9/test/server/test_sslserver.c
-rw-rw-rw-  0 bert   bert     3217 Sep 17  2015 serf-1.3.9/test/test_all.c
-rw-rw-rw-  0 bert   bert    23992 Sep 17  2015 serf-1.3.9/test/test_auth.c
-rw-rw-rw-  0 bert   bert    58829 Sep 17  2015 serf-1.3.9/test/test_buckets.c
-rw-rw-rw-  0 bert   bert    86012 Sep 17  2015 serf-1.3.9/test/test_context.c
-rw-rw-rw-  0 bert   bert    10811 Sep 17  2015 serf-1.3.9/test/test_serf.h
-rw-rw-rw-  0 bert   bert    10622 Sep 17  2015 serf-1.3.9/test/test_ssl.c
-rw-rw-rw-  0 bert   bert    21513 Sep 17  2015 serf-1.3.9/test/test_util.c
drwxrwxrwx  0 bert   bert        0 Aug 29  2016 serf-1.3.9/test/testcases/
-rw-rw-rw-  0 bert   bert      258 Sep  4  2004 serf-1.3.9/test/testcases/chunked-empty.response
-rw-rw-rw-  0 bert   bert      131 Sep  8  2004 serf-1.3.9/test/testcases/chunked-trailers.response
-rw-rw-rw-  0 bert   bert      114 Sep  8  2004 serf-1.3.9/test/testcases/chunked.response
-rw-rw-rw-  0 bert   bert      639 Sep  8  2004 serf-1.3.9/test/testcases/deflate.response
-rw-rw-rw-  0 bert   bert       16 Mar 29  2005 serf-1.3.9/test/testcases/simple.request
-rw-rw-rw-  0 bert   bert      845 Sep  4  2004 serf-1.3.9/test/testcases/simple.response

      Attachments

        Activity

          People

            Unassigned Unassigned
            jlmuir0 J. Lewis Muir
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated: