From: Willy Tarreau <w@1wt.eu>
To: Kyle Moffett <mrmacman_g4@mac.com>
Cc: Jon Lewis <jlewis@lewis.org>,
Perego Paolo Franco <p.perego@reply.it>,
linux-kernel@vger.kernel.org, Hadmut Danisch <hadmut@danisch.de>,
torvalds@osdl.org
Subject: Re: Linux kernel source archive vulnerable
Date: Tue, 12 Sep 2006 07:27:29 +0200 [thread overview]
Message-ID: <20060912052729.GF541@1wt.eu> (raw)
In-Reply-To: <8E63F0FB-DDD3-41D4-AFA7-88E66D0E9C8D@mac.com>
On Tue, Sep 12, 2006 at 01:06:37AM -0400, Kyle Moffett wrote:
> On Sep 11, 2006, at 14:29:58, Jon Lewis wrote:
> >On Fri, 8 Sep 2006, Perego Paolo Franco wrote:
> >
> >>Anyway just few considerations:
> >>2) a good sysadmin is aware that /usr/src is NOT supposed to be
> >>world writable
> >
> >For some reason (bug in how they're being checked out of git, I
> >assume), the latest kernel source tar files have all files and
> >directories world writable. This is not how it's been in the past
> >and is not how it should be.
>
> -ENOBUG
>
> Please see these threads and quit bringing up this topic like crazy:
> http://marc.theaimsgroup.com/?l=linux-kernel&m=113304241100330&w=2
> http://marc.theaimsgroup.com/?l=linux-kernel&m=114635639325551&w=2
BTW, since git 1.4.2, it's possible to specify "umask=022" in the [tar]
section of the repo config to bring back the old behaviour. Maybe it
would be a good idea to use it on Linus' side to make everyone happy ?
Regards,
Willy
next prev parent reply other threads:[~2006-09-12 5:34 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <20060907182304.GA10686@danisch.de>
[not found] ` <D432C2F98B6D1B4BAE47F2770FEFD6B612B8B7@to1mbxs02.replynet.prv>
2006-09-11 18:29 ` R: Linux kernel source archive vulnerable Jon Lewis
2006-09-12 5:06 ` Kyle Moffett
2006-09-12 5:27 ` Willy Tarreau [this message]
2006-09-12 19:42 ` David Wagner
2006-09-12 20:35 ` linux-os (Dick Johnson)
2006-09-12 21:35 ` David Wagner
2006-09-12 22:56 ` Rene Scharfe
2006-09-13 1:17 ` David Wagner
2006-09-13 4:33 ` Willy Tarreau
2006-09-13 5:34 ` David Wagner
2006-09-13 6:17 ` Kyle Moffett
2006-09-13 6:26 ` David Wagner
2006-09-13 6:49 ` Kyle Moffett
2006-09-13 6:59 ` David Wagner
2006-09-13 8:12 ` Kyle Moffett
2006-09-14 22:38 ` David Wagner
2006-09-15 7:28 ` Stefan Richter
2006-09-13 10:45 ` Martin Mares
2006-09-13 11:13 ` Jan Engelhardt
2006-09-13 6:26 ` Jan Engelhardt
2006-09-13 19:49 ` Willy Tarreau
2006-09-13 8:51 ` Stefan Richter
2006-09-14 23:04 ` Bill Davidsen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20060912052729.GF541@1wt.eu \
--to=w@1wt.eu \
--cc=hadmut@danisch.de \
--cc=jlewis@lewis.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mrmacman_g4@mac.com \
--cc=p.perego@reply.it \
--cc=torvalds@osdl.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.