Portupgrade & Ruby | warning: Insecure world
Garance A Drosihn
drosih at rpi.edu
Wed Apr 5 19:11:29 UTC 2006
At 3:38 PM +0200 4/5/06, Jonas Jacobsen wrote:
>When i use portupgrade, i get this Warning all the time
>
>/usr/local/lib/ruby/site_ruby/1.8/pkgtools.rb:980:
> warning: Insecure world writable dir /tmp, mode 041777
>
>have any of you seen that warning before,? and do you
>know how to make it go away ?
This comes from a recent security-minded change made
to ruby. Your PATH references something in /tmp, and
since other userids *could* change things in /tmp,
this is warning that you might have a security problem.
I think several ruby users have found this recent change
is perhaps a bit over-zealous in it's warning. Which is
to say, "it is annoying".
You could change your setting of PATH to avoid this.
Perhaps the pkgtools.rb script could be changed to
automatically change the PATH, but in this case it
would have no idea *why* you reference some directory
under /tmp in your PATH. So it's probably a bad idea
for the script to change the value.
--
Garance Alistair Drosehn = gad at gilead.netel.rpi.edu
Senior Systems Programmer or gad at freebsd.org
Rensselaer Polytechnic Institute or drosih at rpi.edu
More information about the freebsd-questions
mailing list