[ https://issues.apache.org/jira/browse/SERF-181?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Daniel Shahaf updated SERF-181: ------------------------------- Simply setting `umask 022` in dist.sh before the `svn export` commands are run should fix this. > Source tarball file modes are group- and world-writable > ------------------------------------------------------- > > Key: SERF-181 > URL: https://issues.apache.org/jira/browse/SERF-181 > Project: serf > Issue Type: Bug > Affects Versions: serf-1.3.9 > Reporter: J. Lewis Muir > Priority: Minor > > The modes of the files in the serf-1.3.9.tar.bz2 source tarball are all > group- and world-writable. This is problematic if the tarball is extracted > as root since many tar implementations will preserve the file modes even > without the {{\-p}} option, thus creating files that are group- and > world-writable. It would be better if the file modes were not group- and > world-writable in the tarball. > {noformat} > % tar tjvf serf-1.3.9.tar.bz2 > drwxrwxrwx 0 bert bert 0 Aug 29 2016 serf-1.3.9/ > -rw-rw-rw- 0 bert bert 14372 Aug 29 2016 serf-1.3.9/CHANGES > -rw-rw-rw- 0 bert bert 11357 Aug 26 2007 serf-1.3.9/LICENSE > -rw-rw-rw- 0 bert bert 287 Sep 17 2015 serf-1.3.9/NOTICE > -rw-rw-rw- 0 bert bert 2842 Sep 17 2015 serf-1.3.9/README > -rw-rw-rw- 0 bert bert 17388 Sep 17 2015 serf-1.3.9/SConstruct > -rw-rw-rw- 0 bert bert 520 Oct 17 2015 serf-1.3.9/STATUS > drwxrwxrwx 0 bert bert 0 Aug 29 2016 serf-1.3.9/auth/ > -rw-rw-rw- 0 bert bert 16390 Sep 17 2015 serf-1.3.9/auth/auth.c > -rw-rw-rw- 0 bert bert 6570 Sep 17 2015 serf-1.3.9/auth/auth.h > -rw-rw-rw- 0 bert bert 6020 Sep 17 2015 serf-1.3.9/auth/auth_basic.c > -rw-rw-rw- 0 bert bert 17883 Sep 17 2015 serf-1.3.9/auth/auth_digest.c > -rw-rw-rw- 0 bert bert 23808 Sep 17 2015 serf-1.3.9/auth/auth_spnego.c > -rw-rw-rw- 0 bert bert 4133 Sep 17 2015 serf-1.3.9/auth/auth_spnego.h > -rw-rw-rw- 0 bert bert 8096 Sep 17 2015 > serf-1.3.9/auth/auth_spnego_gss.c > -rw-rw-rw- 0 bert bert 9296 Sep 17 2015 > serf-1.3.9/auth/auth_spnego_sspi.c > drwxrwxrwx 0 bert bert 0 Aug 29 2016 serf-1.3.9/buckets/ > -rw-rw-rw- 0 bert bert 14119 Sep 17 2015 > serf-1.3.9/buckets/aggregate_buckets.c > -rw-rw-rw- 0 bert bert 12238 Sep 17 2015 serf-1.3.9/buckets/allocator.c > -rw-rw-rw- 0 bert bert 3371 Sep 17 2015 > serf-1.3.9/buckets/barrier_buckets.c > -rw-rw-rw- 0 bert bert 18434 Sep 17 2015 serf-1.3.9/buckets/buckets.c > -rw-rw-rw- 0 bert bert 17625 Sep 17 2015 > serf-1.3.9/buckets/bwtp_buckets.c > -rw-rw-rw- 0 bert bert 7227 Sep 17 2015 > serf-1.3.9/buckets/chunk_buckets.c > -rw-rw-rw- 0 bert bert 6547 Sep 17 2015 > serf-1.3.9/buckets/dechunk_buckets.c > -rw-rw-rw- 0 bert bert 14904 Sep 17 2015 > serf-1.3.9/buckets/deflate_buckets.c > -rw-rw-rw- 0 bert bert 3939 Sep 17 2015 > serf-1.3.9/buckets/file_buckets.c > -rw-rw-rw- 0 bert bert 13282 Sep 17 2015 > serf-1.3.9/buckets/headers_buckets.c > -rw-rw-rw- 0 bert bert 5250 Sep 17 2015 > serf-1.3.9/buckets/iovec_buckets.c > -rw-rw-rw- 0 bert bert 3798 Sep 17 2015 > serf-1.3.9/buckets/limit_buckets.c > -rw-rw-rw- 0 bert bert 3900 Sep 17 2015 > serf-1.3.9/buckets/mmap_buckets.c > -rw-rw-rw- 0 bert bert 7747 Sep 17 2015 > serf-1.3.9/buckets/request_buckets.c > -rw-rw-rw- 0 bert bert 4223 Sep 17 2015 > serf-1.3.9/buckets/response_body_buckets.c > -rw-rw-rw- 0 bert bert 16027 Sep 17 2015 > serf-1.3.9/buckets/response_buckets.c > -rw-rw-rw- 0 bert bert 4686 Sep 17 2015 > serf-1.3.9/buckets/simple_buckets.c > -rw-rw-rw- 0 bert bert 3957 Sep 17 2015 > serf-1.3.9/buckets/socket_buckets.c > -rw-rw-rw- 0 bert bert 60398 Jun 30 2016 > serf-1.3.9/buckets/ssl_buckets.c > drwxrwxrwx 0 bert bert 0 Aug 29 2016 serf-1.3.9/build/ > -rwxrwxrwx 0 bert bert 2206 Sep 17 2015 serf-1.3.9/build/check.py > -rwxrwxrwx 0 bert bert 2694 Sep 17 2015 serf-1.3.9/build/gen_def.py > -rw-rw-rw- 0 bert bert 318 Oct 4 2013 serf-1.3.9/build/serf.pc.in > -rw-rw-rw- 0 bert bert 11892 Oct 17 2015 serf-1.3.9/context.c > -rw-rw-rw- 0 bert bert 5880 Aug 26 2007 serf-1.3.9/design-guide.txt > -rw-rw-rw- 0 bert bert 4380 Sep 17 2015 serf-1.3.9/incoming.c > -rw-rw-rw- 0 bert bert 58625 Oct 17 2015 serf-1.3.9/outgoing.c > -rw-rw-rw- 0 bert bert 39346 Sep 17 2015 serf-1.3.9/serf.h > -rw-rw-rw- 0 bert bert 21225 Sep 17 2015 serf-1.3.9/serf_bucket_types.h > -rw-rw-rw- 0 bert bert 8787 Sep 17 2015 serf-1.3.9/serf_bucket_util.h > -rw-rw-rw- 0 bert bert 15934 Sep 17 2015 serf-1.3.9/serf_private.h > -rw-rw-rw- 0 bert bert 7291 Sep 17 2015 serf-1.3.9/ssltunnel.c > drwxrwxrwx 0 bert bert 0 Aug 29 2016 serf-1.3.9/test/ > -rw-rw-rw- 0 bert bert 7485 Oct 12 2008 > serf-1.3.9/test/CuTest-README.txt > -rw-rw-rw- 0 bert bert 11273 Oct 4 2013 serf-1.3.9/test/CuTest.c > -rw-rw-rw- 0 bert bert 6409 Jul 21 2013 serf-1.3.9/test/CuTest.h > -rw-rw-rw- 0 bert bert 11135 Sep 17 2015 serf-1.3.9/test/mock_buckets.c > -rw-rw-rw- 0 bert bert 20061 Sep 17 2015 serf-1.3.9/test/serf_bwtp.c > -rw-rw-rw- 0 bert bert 21439 Sep 17 2015 serf-1.3.9/test/serf_get.c > -rw-rw-rw- 0 bert bert 2521 Sep 17 2015 serf-1.3.9/test/serf_request.c > -rw-rw-rw- 0 bert bert 4683 Sep 17 2015 > serf-1.3.9/test/serf_response.c > -rw-rw-rw- 0 bert bert 4120 Sep 17 2015 serf-1.3.9/test/serf_server.c > -rw-rw-rw- 0 bert bert 25059 Sep 17 2015 serf-1.3.9/test/serf_spider.c > -rw-rw-rw- 0 bert bert 3656 Mar 21 2008 serf-1.3.9/test/serftestca.pem > drwxrwxrwx 0 bert bert 0 Aug 29 2016 serf-1.3.9/test/server/ > -rw-rw-rw- 0 bert bert 1489 Jun 30 2016 > serf-1.3.9/test/server/serfcacert.pem > -rw-rw-rw- 0 bert bert 3677 Jun 30 2016 > serf-1.3.9/test/server/serfclientcert.p12 > -rw-rw-rw- 0 bert bert 1505 Jun 30 2016 > serf-1.3.9/test/server/serfrootcacert.pem > -rw-rw-rw- 0 bert bert 1371 Jun 30 2016 > serf-1.3.9/test/server/serfserver_expired_cert.pem > -rw-rw-rw- 0 bert bert 1371 Jun 30 2016 > serf-1.3.9/test/server/serfserver_future_cert.pem > -rw-rw-rw- 0 bert bert 1371 Jun 30 2016 > serf-1.3.9/test/server/serfservercert.pem > -rw-rw-rw- 0 bert bert 1834 Jun 30 2016 > serf-1.3.9/test/server/serfserverkey.pem > -rw-rw-rw- 0 bert bert 21996 Sep 17 2015 > serf-1.3.9/test/server/test_server.c > -rw-rw-rw- 0 bert bert 5259 Sep 17 2015 > serf-1.3.9/test/server/test_server.h > -rw-rw-rw- 0 bert bert 13854 Jun 30 2016 > serf-1.3.9/test/server/test_sslserver.c > -rw-rw-rw- 0 bert bert 3217 Sep 17 2015 serf-1.3.9/test/test_all.c > -rw-rw-rw- 0 bert bert 23992 Sep 17 2015 serf-1.3.9/test/test_auth.c > -rw-rw-rw- 0 bert bert 58829 Sep 17 2015 serf-1.3.9/test/test_buckets.c > -rw-rw-rw- 0 bert bert 86012 Sep 17 2015 serf-1.3.9/test/test_context.c > -rw-rw-rw- 0 bert bert 10811 Sep 17 2015 serf-1.3.9/test/test_serf.h > -rw-rw-rw- 0 bert bert 10622 Sep 17 2015 serf-1.3.9/test/test_ssl.c > -rw-rw-rw- 0 bert bert 21513 Sep 17 2015 serf-1.3.9/test/test_util.c > drwxrwxrwx 0 bert bert 0 Aug 29 2016 serf-1.3.9/test/testcases/ > -rw-rw-rw- 0 bert bert 258 Sep 4 2004 > serf-1.3.9/test/testcases/chunked-empty.response > -rw-rw-rw- 0 bert bert 131 Sep 8 2004 > serf-1.3.9/test/testcases/chunked-trailers.response > -rw-rw-rw- 0 bert bert 114 Sep 8 2004 > serf-1.3.9/test/testcases/chunked.response > -rw-rw-rw- 0 bert bert 639 Sep 8 2004 > serf-1.3.9/test/testcases/deflate.response > -rw-rw-rw- 0 bert bert 16 Mar 29 2005 > serf-1.3.9/test/testcases/simple.request > -rw-rw-rw- 0 bert bert 845 Sep 4 2004 > serf-1.3.9/test/testcases/simple.response > {noformat} -- This message was sent by Atlassian JIRA (v6.3.15#6346)