From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <cygwin-apps-return-23944-listarch-cygwin-apps=sources.redhat.com@cygwin.com>
Received: (qmail 22796 invoked by alias); 20 Aug 2008 09:14:55 -0000
Received: (qmail 22785 invoked by uid 22791); 20 Aug 2008 09:14:55 -0000
X-Spam-Check-By: sourceware.org
Received: from aquarius.hirmke.de (HELO calimero.vinschen.de) (217.91.18.234)     by sourceware.org (qpsmtpd/0.31.1) with ESMTP; Wed, 20 Aug 2008 09:14:07 +0000
Received: by calimero.vinschen.de (Postfix, from userid 500) 	id 81EDB6D434C; Wed, 20 Aug 2008 11:15:56 +0200 (CEST)
Date: Wed, 20 Aug 2008 09:14:00 -0000
From: Corinna Vinschen <corinna-cygwin@cygwin.com>
To: cygwin-apps@cygwin.com
Subject: Re: base-passwd: postinstall script too open permissions
Message-ID: <20080820091556.GG29104@calimero.vinschen.de>
Reply-To: cygwin-apps@cygwin.com
Mail-Followup-To: cygwin-apps@cygwin.com
References: <20080820081457.GE29104@calimero.vinschen.de> <7037c81dc567783993f4770ce6a9a4f5.squirrel@mail.morrison.mine.nu>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <7037c81dc567783993f4770ce6a9a4f5.squirrel@mail.morrison.mine.nu>
User-Agent: Mutt/1.5.16 (2007-06-09)
Mailing-List: contact cygwin-apps-help@cygwin.com; run by ezmlm
Precedence: bulk
Sender: cygwin-apps-owner@cygwin.com
List-Id: <cygwin-apps.cygwin.com>
List-Subscribe: <mailto:cygwin-apps-subscribe@cygwin.com>
List-Archive: <http://sourceware.org/ml/cygwin-apps/>
List-Post: <mailto:cygwin-apps@cygwin.com>
List-Help: <mailto:cygwin-apps-help@cygwin.com>, <http://sourceware.org/lists.html#faqs>
Mail-Followup-To: cygwin-apps@cygwin.com
X-SW-Source: 2008-08/txt/msg00159.txt.bz2

On Aug 20 09:34, John Morrison wrote:
> On Wed, August 20, 2008 9:14 am, Corinna Vinschen wrote:
> > Hi John,
> >
> > do you remember the reason why the passwd-grp.sh postinstall script
> > calls
> >
> >   chmod 777 /etc/passwd
> >   chmod 777 /etc/group
> >
> > ?  That's not right, IMO.  The permissions should rather be 644 and
> > not allow writing for everyone.
> >
> > Along the same lines, the `chmod a+w' calls in the second half of the
> > script should better just be `chmod u+w'.
> >
> > Would you mind to change that, please?
> 
> Sure, although it might be tomorrow night before I get time.  What were
> the changes you made to the setup.hint for base-[file/passwd] btw?

It only depends on base-cygwin now:

  requires: base-cygwin

We must make sure that base-cygwin is the first in the dependency order,
then base-passwd.  I'm not sure yet about base-files.


Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Project Co-Leader          cygwin AT cygwin DOT com
Red Hat