Home | Docs | Forums | Lists | Bugs | Planet | Store | GMN | Get Gentoo!
View Bug Activity | Format For Printing | XML | Clone This Bug
After emerging net-mail/popfile-0.21.1 I had trouble running it (including a missing dependency - see bug 44394). But there are other problems. The files installed to /usr/share/popfile/ are *world* writeable, which probably represents a security risk. I think someone could change the modules. I rated this a "Major" bug because I'm not 100% sure of the security problems. Reproducible: Didn't try Steps to Reproduce: 1. emerge popfile 2. check out the permissions in /usr/share/popfile/* Actual Results: Most files were user, group, and other writeable Expected Results: Only root should be able to write I guess.
Updated the ebuild in portage; it should be appearing on a local rsync mirror in about an hour or so.
Closing bug - no feedback from submitter
I'm sorry for not responding; I didn't realize that I was supposed to try it out, since I had fixed the problem manually myself. I will pay more attention next time I submit a bug. Thanks for fixing it :)
