ports/87317: Update port: www/jwchat (fix permissions)
Denis Shaposhnikov
dsh at vlink.ru
Wed Oct 12 11:30:11 UTC 2005
>Number: 87317
>Category: ports
>Synopsis: Update port: www/jwchat (fix permissions)
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Wed Oct 12 11:30:09 GMT 2005
>Closed-Date:
>Last-Modified:
>Originator: Denis Shaposhnikov
>Release: FreeBSD 7.0-CURRENT i386
>Organization:
>Environment:
System: FreeBSD neva.vlink.ru 7.0-CURRENT FreeBSD 7.0-CURRENT #21: Sun Aug 14 15:59:53 MSD 2005 dsh at neva.vlink.ru:/var/FreeBSD/obj/var/FreeBSD/src/sys/NEVA i386
>Description:
The port gives RW permissions for installed files to www user. I think
that it's insecure solution. This patch fixes it.
>How-To-Repeat:
cd /usr/ports/www && make install
ls -l /usr/local/www/jwchat
>Fix:
diff -Nru jwchat.orig/Makefile jwchat/Makefile
--- jwchat.orig/Makefile Wed Oct 12 15:22:14 2005
+++ jwchat/Makefile Wed Oct 12 14:24:01 2005
@@ -25,12 +25,13 @@
do-install:
${MKDIR} ${PREFIX}/www ${DATADIR}
- ${CP} ${WRKSRC}/config.js ${DATADIR}
+ ${INSTALL_DATA} ${WRKSRC}/config.js ${DATADIR}
${MV} ${WRKSRC}/config.js ${WRKSRC}/config.js.sample
${CP} -R ${WRKSRC}/ ${PREFIX}/www/${PORTNAME}
[ ! -f ${PREFIX}/www/${PORTNAME}/config.js ] && \
${CP} ${DATADIR}/config.js ${PREFIX}/www/${PORTNAME}/config.js || true
- ${CHOWN} -R ${WWWOWN}:${WWWGRP} ${PREFIX}/www/${PORTNAME}
+ ${FIND} ${PREFIX}/www/${PORTNAME} ! -name config.js -print0 | ${XARGS} -0 ${CHOWN} ${SHAREOWN}:${SHAREGRP}
+ ${FIND} ${PREFIX}/www/${PORTNAME} -type f -and ! -name config.js -print0 -type f | ${XARGS} -0 ${CHMOD} ${SHAREMODE}
post-install:
@${CAT} ${PKGMESSAGE}
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list