makepkg: Remove setgid bit on srcdir/pkgdir creation
It was noted in FS#17533 that setgid bits are carried down into any created subdirectories, and thus could end up being in a built package if the original package directory was marked g+s. When we create src/ and pkg/, explicitly chmod them to remove any sticky bits. Signed-off-by: Dan McGee <dan@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
This commit is contained in:
parent
65d43fbb84
commit
22331fdadb
|
@ -1050,6 +1050,7 @@ create_srcpackage() {
|
||||||
|
|
||||||
# Get back to our src directory so we can begin with sources.
|
# Get back to our src directory so we can begin with sources.
|
||||||
mkdir -p "$srcdir"
|
mkdir -p "$srcdir"
|
||||||
|
chmod a-s "$srcdir"
|
||||||
cd "$srcdir"
|
cd "$srcdir"
|
||||||
download_sources
|
download_sources
|
||||||
# We can only check checksums if we have all files.
|
# We can only check checksums if we have all files.
|
||||||
|
@ -1731,6 +1732,7 @@ fi
|
||||||
|
|
||||||
if (( GENINTEG )); then
|
if (( GENINTEG )); then
|
||||||
mkdir -p "$srcdir"
|
mkdir -p "$srcdir"
|
||||||
|
chmod a-s "$srcdir"
|
||||||
cd "$srcdir"
|
cd "$srcdir"
|
||||||
download_sources
|
download_sources
|
||||||
generate_checksums
|
generate_checksums
|
||||||
|
@ -1830,6 +1832,7 @@ if (( INFAKEROOT )); then
|
||||||
for pkg in ${pkgname[@]}; do
|
for pkg in ${pkgname[@]}; do
|
||||||
pkgdir="$pkgdir/$pkg"
|
pkgdir="$pkgdir/$pkg"
|
||||||
mkdir -p "$pkgdir"
|
mkdir -p "$pkgdir"
|
||||||
|
chmod a-s "$pkgdir"
|
||||||
backup_package_variables
|
backup_package_variables
|
||||||
run_package $pkg
|
run_package $pkg
|
||||||
tidy_install
|
tidy_install
|
||||||
|
@ -1886,6 +1889,7 @@ umask 0022
|
||||||
|
|
||||||
# get back to our src directory so we can begin with sources
|
# get back to our src directory so we can begin with sources
|
||||||
mkdir -p "$srcdir"
|
mkdir -p "$srcdir"
|
||||||
|
chmod a-s "$srcdir"
|
||||||
cd "$srcdir"
|
cd "$srcdir"
|
||||||
|
|
||||||
if (( NOEXTRACT )); then
|
if (( NOEXTRACT )); then
|
||||||
|
@ -1921,6 +1925,7 @@ else
|
||||||
rm -rf "$pkgdir"
|
rm -rf "$pkgdir"
|
||||||
fi
|
fi
|
||||||
mkdir -p "$pkgdir"
|
mkdir -p "$pkgdir"
|
||||||
|
chmod a-s "$pkgdir"
|
||||||
cd "$startdir"
|
cd "$startdir"
|
||||||
|
|
||||||
# if we are root or if fakeroot is not enabled, then we don't use it
|
# if we are root or if fakeroot is not enabled, then we don't use it
|
||||||
|
@ -1941,6 +1946,7 @@ else
|
||||||
for pkg in ${pkgname[@]}; do
|
for pkg in ${pkgname[@]}; do
|
||||||
pkgdir="$pkgdir/$pkg"
|
pkgdir="$pkgdir/$pkg"
|
||||||
mkdir -p "$pkgdir"
|
mkdir -p "$pkgdir"
|
||||||
|
chmod a-s "$pkgdir"
|
||||||
backup_package_variables
|
backup_package_variables
|
||||||
run_package $pkg
|
run_package $pkg
|
||||||
tidy_install
|
tidy_install
|
||||||
|
|
Loading…
Reference in New Issue