# Check for world-writable files

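# List regular files under ${ED} matching the given find(1) predicates,
# one per line, with the literal ${ED} prefix replaced by "/".
__world_writable_list() {
	local found path

	found=$(find "${ED}" -type f "$@")
	while IFS= read -r path ; do
		[[ -n ${path} ]] || continue
		# Strip the prefix as a literal string.  Interpolating ${ED} into a
		# sed expression treats the path as a regex and breaks when it
		# contains the delimiter, in which case sed errors out, the list
		# comes back empty and the check passes without reporting anything.
		printf '/%s\n' "${path#"${ED}"}"
	done <<< "${found}"
}

# QA check over the image directory ${ED}.
#
# Warns about regular files that are world-writable, and calls die when a
# world-writable file also carries the setuid or setgid bit.
#
# Globals:  ED (read) - root of the tree that is scanned
#           PF (read) - interpolated into the warning text
# Calls:    eqawarn, eqatag, die (defined outside this file)
# Returns:  0 unless die is reached
#
# Scope notes: only regular files are examined (-type f), so world-writable
# directories are not reported by this check.  The file list is line based,
# so a file name containing a newline is reported as several entries.
world_writable_check() {
	local unsafe_files prev_shopts=$-

	# Split on newlines only and disable globbing, so that the unquoted
	# ${unsafe_files} expansions below yield exactly one word per path.
	# IFS is local, so the caller's value (or unset state) comes back on
	# return; the noglob flag is restored by hand at the end.
	local IFS=$'\n'
	set -f

	# Pass 1: anything with the "other" write bit set.
	unsafe_files=$(__world_writable_list -perm -2)
	if [[ -n ${unsafe_files} ]] ; then
		eqawarn "QA Security Notice: world writable file(s):"

		eqatag -v world-writable $unsafe_files

		eqawarn "This may or may not be a security problem, most of the time it is one."
		eqawarn "Please double check that $PF really needs a world writeable bit and file bugs accordingly."
		eqawarn
	fi

	# Pass 2: world-writable combined with setgid (2002) or setuid (4002).
	# This combination is treated as fatal rather than as a warning.
	unsafe_files=$(__world_writable_list '(' -perm -2002 -o -perm -4002 ')')
	if [[ -n ${unsafe_files} ]] ; then
		eqawarn "QA Notice: Unsafe files detected (set*id and world writable)"

		eqatag -v world-writable-setid $unsafe_files

		die "Unsafe files found in \${D}.  Portage will not install them."
	fi

	# Only re-enable globbing if it was enabled when we were called.
	[[ ${prev_shopts} == *f* ]] || set +f
}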

# Run the check as soon as this file is evaluated.
world_writable_check
# Finish with a command that always succeeds, so the status of the check's
# last command is not what this file ends with.
true

# vim:ft=sh