[m-dev.] trivial diff: fix bindist chmod bug

Fergus Henderson fjh at cs.mu.OZ.AU
Mon Oct 4 19:15:13 AEST 1999


Estimated hours taken: 0.25

Fix a security problem with the use of `chmod +w'.

bindist/bindist.Makefile.in:
        Use `chmod u+w' rather than `chmod +w' on the installed files,
        since `chmod +w' has the wrong effect with some versions of chmod.
        When configure creates automatically-generated files, we (used to)
	do a `chmod -w' on them to make sure that you don't accidentally edit
        the automatically-generated file rather than the source `.in' file.
        However, if the installed copies are write-only, then it causes
        problems when installing a new copy on top of an old one.
        Hence we turn write permission back on again on the installed copies.
        The `chmod +w' command has the right effect on Solaris, OSF/1, Linux,
	and SunOS, where it takes into account the umask.  However, on IRIX
	and ULTRIX, `chmod +w' does not take the umask into account, and so
        makes the files world-writable, which is a security problem.
        Hence, we now use `chmod u+w' instead.

Workspace: /home/mercury0/fjh/mercury
Index: bindist/bindist.Makefile.in
===================================================================
RCS file: /home/mercury1/repository/mercury/bindist/bindist.Makefile.in,v
retrieving revision 1.19
diff -u -r1.19 bindist.Makefile.in
--- bindist.Makefile.in	1999/03/16 06:11:36	1.19
+++ bindist.Makefile.in	1999/10/04 04:51:58
@@ -96,7 +96,7 @@
 	cp $(INSTALL_SCRIPTS) $(INSTALL_BINDIR)
 	for file in $(INSTALL_SCRIPTS); do \
 		base=`basename $$file`; \
-		chmod +w $(INSTALL_BINDIR)/$$base ;\
+		chmod u+w $(INSTALL_BINDIR)/$$base ;\
 	done
 	@echo "-- Done."
 

-- 
Fergus Henderson <fjh at cs.mu.oz.au>  |  "I have always known that the pursuit
WWW: <http://www.cs.mu.oz.au/~fjh>  |  of excellence is a lethal habit"
PGP: finger fjh at 128.250.37.3        |     -- the last words of T. S. Garp.
--------------------------------------------------------------------------
mercury-developers mailing list
Post messages to:       mercury-developers at cs.mu.oz.au
Administrative Queries: owner-mercury-developers at cs.mu.oz.au
Subscriptions:          mercury-developers-request at cs.mu.oz.au
--------------------------------------------------------------------------



More information about the developers mailing list