fd710fc93e
* Some minor fixes to set_permissions() in file_permissions.py The set_permissions() routine claims to prevent users from creating world writable suid binaries. However, it seems to only be checking for/preventing group writable suid binaries. This patch modifies the routine to check for both world and group writable suid binaries, and complain appropriately. * permissions.py: Add test to check blocks world writable SUID files The original test_chmod_rejects_group_writable_suid tested that the set_permissions() function in lib/spack/spack/util/file_permissions.py would raise an exception if changed permission on a file with both SUID and SGID plus sticky bits is chmod-ed to g+rwx and o+rwx. I have modified so that more narrowly tests a file with SUID (and no SGID or sticky bit) set is chmod-ed to g+w. I have added a second test test_chmod_rejects_world_writable_suid that checks that exception is raised if an SUID file is chmod-ed to o+w * file_permissions.py: Raise exception when try to make sgid file world writable Updated set_permissions() in file_permissions.py to also raise an exception if try to make an SGID file world writable. And added corresponding unit test as well. * Remove debugging prints from permissions.py |
||
|---|---|---|
| .. | ||
| spack | ||