[ https://jira.codehaus.org/browse/MASSEMBLY-580?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Dennis Lundberg updated MASSEMBLY-580: -------------------------------------- Component/s: dependencySet Description: Despite having set the directoryMode for the dependencySet the permissions are ignored and the folder is set to 777 which poses as a possible security risk. Please find attached project which can be used to create the test zip containing the folder with incorrect permissions. {noformat} $ unzip project-deploy.zip Archive: project-deploy.zip creating: webapps/ inflating: webapps/commons-fileupload.jar $ ls -lah total 92K drwxr-xr-x 4 johno sulake 4.0K Oct 27 20:26 . drwxr-xr-x 4 johno sulake 4.0K Oct 27 20:25 .. drwxr-xr-x 2 johno sulake 4.0K Oct 27 20:25 archive-tmp -rw-r--r-- 1 johno sulake 51K Oct 27 20:25 project-deploy.zip drwxrwxrwx 2 johno sulake 4.0K Oct 27 20:25 webapps {noformat} Thanks in advance! was: Despite having set the directoryMode for the dependencySet the permissions are ignored and the folder is set to 777 which poses as a possible security risk. Please find attached project which can be used to create the test zip containing the folder with incorrect permissions. $ unzip project-deploy.zip Archive: project-deploy.zip creating: webapps/ inflating: webapps/commons-fileupload.jar $ ls -lah total 92K drwxr-xr-x 4 johno sulake 4.0K Oct 27 20:26 . drwxr-xr-x 4 johno sulake 4.0K Oct 27 20:25 .. drwxr-xr-x 2 johno sulake 4.0K Oct 27 20:25 archive-tmp -rw-r--r-- 1 johno sulake 51K Oct 27 20:25 project-deploy.zip drwxrwxrwx 2 johno sulake 4.0K Oct 27 20:25 webapps Thanks in advance! > dependencySet ignores directoryMode descriptor > ---------------------------------------------- > > Key: MASSEMBLY-580 > URL: https://jira.codehaus.org/browse/MASSEMBLY-580 > Project: Maven 2.x Assembly Plugin > Issue Type: Bug > Components: dependencySet > Affects Versions: 2.2.1 > Reporter: Johno Crawford > Attachments: directoryModeIgnored.zip > > > Despite having set the directoryMode for the dependencySet the permissions > are ignored and the folder is set to 777 which poses as a possible security > risk. Please find attached project which can be used to create the test zip > containing the folder with incorrect permissions. > {noformat} > $ unzip project-deploy.zip > Archive: project-deploy.zip > creating: webapps/ > inflating: webapps/commons-fileupload.jar > $ ls -lah > total 92K > drwxr-xr-x 4 johno sulake 4.0K Oct 27 20:26 . > drwxr-xr-x 4 johno sulake 4.0K Oct 27 20:25 .. > drwxr-xr-x 2 johno sulake 4.0K Oct 27 20:25 archive-tmp > -rw-r--r-- 1 johno sulake 51K Oct 27 20:25 project-deploy.zip > drwxrwxrwx 2 johno sulake 4.0K Oct 27 20:25 webapps > {noformat} > Thanks in advance! -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://jira.codehaus.org/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira