From: Peter Seebach <peter.seebach@windriver.com>
To: <openembedded-core@lists.openembedded.org>
Subject: [PATCH 0/1] pseudo permissions: better fchmodat, mask out write bits
Date: Mon, 19 May 2014 16:51:40 -0500 [thread overview]
Message-ID: <cover.1400277127.git.peter.seebach@windriver.com> (raw)
(Sorry if this ends up getting duplicated, had mail server issues,
and there may be deferred copies floating around somewhere.)
Two changes:
1. Report failures from calling fchmodat with AT_SYMLINK_NOFOLLOW,
because otherwise GNU tar won't set modes as well as we would like
it to. (No effect on generated filesystems, I think, just on the
underlying local filesystem.)
2. Mask out write bits for non-user in the real filesystem, so other
users can't add stuff to the mode 777 directories in your rootfs.
The following changes since commit e273301efa0037a13c3a60b4414140364d9c9873:
gstreamer/lame: Better gcc 4.9 fix (2014-05-15 23:27:41 +0100)
are available in the git repository at:
git://git.yoctoproject.org/poky-contrib sees/pseudo-fchmodat
http://git.yoctoproject.org/cgit.cgi/poky-contrib/log/?h=seebs/pseudo-fchmodat
Peter Seebach (1):
pseudo: handle fchmodat better, mask out unwanted write bits
.../pseudo/files/pseudo-fchmodat-permissions.patch | 98 ++++++++++++++++++++
meta/recipes-devtools/pseudo/pseudo_1.5.1.bb | 3 +-
2 files changed, 100 insertions(+), 1 deletions(-)
create mode 100644 meta/recipes-devtools/pseudo/files/pseudo-fchmodat-permissions.patch
next reply other threads:[~2014-05-19 21:47 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-05-19 21:51 Peter Seebach [this message]
2014-05-19 21:51 ` [PATCH 1/1] pseudo: handle fchmodat better, mask out unwanted write bits Peter Seebach
2014-05-21 15:14 ` Saul Wold
2014-05-21 18:58 ` Peter Seebach
2014-05-21 19:00 ` Burton, Ross
2014-05-21 23:08 ` Peter Seebach
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1400277127.git.peter.seebach@windriver.com \
--to=peter.seebach@windriver.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.