[pacman-dev] [PATCH] Remove setgid bit on srcdir/pkgdir creation
Dan McGee
dpmcgee at gmail.com
Wed Jan 20 00:56:37 EST 2010
On Tue, Jan 19, 2010 at 11:51 PM, Allan McRae <allan at archlinux.org> wrote:
> Dan McGee wrote:
>>
>> On Tue, Jan 19, 2010 at 11:25 PM, Dan McGee <dan at archlinux.org> wrote:
>>>
>>> It was noted in FS#17533 that setgid bits are carried down into any
>>> created
>>> subdirectories, and thus could end up being in a built package if the
>>> original package directory was marked g+s. When we create src/ and pkg/,
>>> explicitly chmod them to remove any sticky bits.
>>>
>>> Signed-off-by: Dan McGee <dan at archlinux.org>
>>> ---
>>
>> I forgot to add here that I wasn't particularly happy I had to add an
>> additional command in 6 places. Do we know why we create these
>> directories so much? Some of them are probably unnecessary...
>>
>> -Dan
>
> Some of them are because $pkgdir does change its value with package
> splitting, so we have one for $startdir/pkg and then another for
> $startdir/pkg/{pkg1,pkg2...}. Then there is whether or not we do the
> packaging in fakeroot, which is in a 10 line for loop that is duplicated and
> could be refactored.
>
> The creation of $srcdir is done either before downloading sources,
> performing integrity checks or creating a source package. These could all
> go in the download_sources function, but if my skipinteg patches are
> included, we will need the one back for creating a source package.
>
> So 4/6 are needed...
Oh wow, OK. So with that said, does this patch look like it will
actually work for what it set out to do? :P
-Dan
More information about the pacman-dev
mailing list