--- git.eclass 16 Jun 2008 11:22:38 -0000 1.14 +++ git.eclass 6 Oct 2008 06:42:36 -0000 @@ -177,6 +177,12 @@ mkdir -p "${EGIT_STORE_DIR}" \ || die "${EGIT}: can't mkdir ${EGIT_STORE_DIR}." export SANDBOX_WRITE="${SANDBOX_WRITE%%:/}" + elif [[ $(find "${EGIT_STORE_DIR}" -maxdepth 0 -type d -perm -o+w) ]]; then + # Found world-writable directory, created by previous buggy version + # of this eclass. This is a security issue, so refuse to continue. + eerror "Directory ${EGIT_STORE_DIR} is world-writable which is" + eerror "a security issue. Please remove it and retry." + die "${EGIT}: ${EGIT_STORE_DIR} is world-writable" fi cd -P "${EGIT_STORE_DIR}" || die "${EGIT}: can't chdir to ${EGIT_STORE_DIR}" --- mercurial.eclass 13 Oct 2006 23:45:03 -0000 1.3 +++ mercurial.eclass 6 Oct 2008 06:42:37 -0000 @@ -37,6 +37,12 @@ chmod -f g+rw "${EHG_STORE_DIR}" && export SANDBOX_WRITE="${SANDBOX_WRITE%:/}" eend $? || die + elif [[ $(find "${EHG_STORE_DIR}" -maxdepth 0 -type d -perm -o+w) ]]; then + # Found world-writable directory, created by previous buggy version + # of this eclass. This is a security issue, so refuse to continue. + eerror "Directory ${EHG_STORE_DIR} is world-writable which is" + eerror "a security issue. Please remove it and retry." + die "${EHG_STORE_DIR} is world-writable" fi pushd "${EHG_STORE_DIR}" >/dev/null \ --- subversion.eclass 27 May 2008 09:49:09 -0000 1.60 +++ subversion.eclass 6 Oct 2008 06:42:37 -0000 @@ -192,6 +192,12 @@ if [[ ! -d ${ESVN_STORE_DIR} ]]; then debug-print "${FUNCNAME}: initial checkout. creating subversion directory" mkdir -p "${ESVN_STORE_DIR}" || die "${ESVN}: can't mkdir ${ESVN_STORE_DIR}." + elif [[ $(find "${ESVN_STORE_DIR}" -maxdepth 0 -type d -perm -o+w) ]]; then + # Found world-writable directory, created by previous buggy version + # of this eclass. This is a security issue, so refuse to continue. + eerror "Directory ${ESVN_STORE_DIR} is world-writable which is" + eerror "a security issue. Please remove it and retry." + die "${ESVN}: ${ESVN_STORE_DIR} is world-writable" fi cd "${ESVN_STORE_DIR}" || die "${ESVN}: can't chdir to ${ESVN_STORE_DIR}" --- bzr.eclass 25 Oct 2008 12:17:23 -0000 1.1 +++ bzr.eclass 25 Oct 2008 14:42:28 -0000 @@ -140,6 +140,12 @@ mkdir -p "${EBZR_STORE_DIR}" \ || die "${EBZR}: can't mkdir ${EBZR_STORE_DIR}." export SANDBOX_WRITE="${SANDBOX_WRITE%%:/}" + elif [[ $(find "${EBZR_STORE_DIR}" -maxdepth 0 -type d -perm -o+w) ]]; then + # Found world-writable directory, created by previous buggy version + # of this eclass. This is a security issue, so refuse to continue. + eerror "Directory ${EBZR_STORE_DIR} is world-writable which is" + eerror "a security issue. Please remove it and retry." + die "${EBZR}: ${EBZR_STORE_DIR} is world-writable" fi cd -P "${EBZR_STORE_DIR}" || die "${EBZR}: can't chdir to ${EBZR_STORE_DIR}"