packages that set wrong permissions of /var/tmp
There are a few packages that change the permission of
Permission should be world writable (1777), but the above packages changes it to 0755.
We have 3 options to fix this:
forbid packages to create anything under
make abuild error if package set wrong permission under
/var/tmp(the above packages will need to manually set the permissions of the intermediate /var/tmp directory)
find some way to exclude intermediate directories from apk so permissions are not modified.
(from redmine: issue id 9364, created on 2018-08-30)
- Revision 7a6d5953 by Natanael Copa on 2018-09-03T13:23:22Z:
main/nginx: fix permissions of /var/tmp Permissions of /var/tmp should be 1777. Due to limitation in apk/abuild we need to explicitly set the permissions of intermediate directories that should not have default. ref #9364
- Revision 822016ff by Natanael Copa on 2018-09-10T07:25:31Z:
main/nginx: fix permissions of /var/tmp Permissions of /var/tmp should be 1777. Due to limitation in apk/abuild we need to explicitly set the permissions of intermediate directories that should not have default. ref #9364 (cherry picked from commit 7a6d59536dfe5ea1fbc343993d894d119c701ab1)
- Revision 8ded1028 by Natanael Copa on 2019-06-21T10:20:45Z:
Revert "main/nginx: move /var/lib/nginx/tmp to /var/tmp/nginx" FHS-3.0 says that /var/tmp should survive reboots, but for it is common practice to ignore FHS for security reasons and wipe dirs that are world writable. There is no good reason to store nginx data under a world writable directory, so move it back to /var/lib/nginx/tmp. Other distros does something similar. fixes #9246 fixes #10258 ref #9364 This reverts commit d6d624a149ca62af8679baf9cc99ce1354c190f0.