[Debian-med-packaging] Bug#924128: prokka: creates world writable directory tree /var/lib/prokka/*
Michael Crusoe
michael.crusoe at gmail.com
Mon Dec 9 16:18:37 GMT 2019
On Sat, 9 Mar 2019 23:26:01 +0100 Andreas Tille <tille at debian.org> wrote:
> Control: severity -1 normal
>
> On Sat, Mar 09, 2019 at 08:24:46PM +0100, Andreas Beckmann wrote:
> >
> > during a test with piuparts I noticed your package creates a world
> > writable directory tree.
> >
> > >From the attached log (scroll to the bottom...):
> >
> > 0m49.9s ERROR: Command failed (status=1): ['chroot',
'/srv/piuparts/tmp/tmpLm6y7M',
'tmp/scripts/pre_remove_50_find_bad_permissions']
> > ERROR: BAD PERMISSIONS
> > drwxrwxrwx 3 root root 60 Mar 5 02:46 /var/lib/prokka
> > drwxrwxrwx 4 root root 80 Mar 5 02:46 /var/lib/prokka/db
> > drwxrwxrwx 2 root root 260 Mar 5 02:46 /var/lib/prokka/db/cm
> > drwxrwxrwx 2 root root 580 Mar 5 02:46 /var/lib/prokka/db/genus
>
> I actually did some effort to make this dir world writable since users
> *need* to write and update these databases. Do your have any suggestion
> for a better approach which enables every user to update a common
> database? I was wondering whether I should create a group prokka and
> making the dir only writable for users belonging to this group. But for
> a first packaging attempt testing user responses this seemed to be over
> enginering. There is also some work done at upstream to enable a better
> solution for user writable databases.
Is making a "prokka" group to own this directory the only option?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-med-packaging/attachments/20191209/a5218da6/attachment-0001.html>
More information about the Debian-med-packaging
mailing list