[pacman-dev] [PATCH] pacman-db-upgrade: set umask 022
peter at lekensteyn.nl
Sat Dec 20 10:58:09 UTC 2014
This prevents the database from becoming inaccessible for non-root
users when the script was executed with a umask of 027.
Signed-off-by: Peter Wu <peter at lekensteyn.nl>
It would probably be a good idea to set umask 022 for
/var/cache/pacman/archives/ as well, but that is not as severe as this issue.
If there are people who actually use 'umask 027' to make their packages
unreadable, what about a global Umask setting in pacman.conf (defaulting to
scripts/pacman-db-upgrade.sh.in | 3 +++
1 file changed, 3 insertions(+)
diff --git a/scripts/pacman-db-upgrade.sh.in b/scripts/pacman-db-upgrade.sh.in
index 7bb277b..e2bb290 100644
@@ -19,6 +19,9 @@
# along with this program. If not, see <http://www.gnu.org/licenses/>.
+# Avoid creating world-unreadable files
# gettext initialization
More information about the pacman-dev