summaryrefslogtreecommitdiff
path: root/meta/classes/python-dir.bbclass
diff options
context:
space:
mode:
authorPeter Seebach <peter.seebach@windriver.com>2014-05-21 18:12:33 -0500
committerSaul Wold <sgw@linux.intel.com>2014-05-23 10:45:07 -0700
commit45371858129bbad8f4cfb874e237374a5ba8db4c (patch)
treecca68a873a4939f7536fcffd0f6654761a0e991a /meta/classes/python-dir.bbclass
parent2335a8ed3748e687e7f34f21f27f8e4029d1e26b (diff)
downloadopenembedded-core-45371858129bbad8f4cfb874e237374a5ba8db4c.tar.gz
openembedded-core-45371858129bbad8f4cfb874e237374a5ba8db4c.tar.bz2
openembedded-core-45371858129bbad8f4cfb874e237374a5ba8db4c.zip
pseudo: handle fchmodat better, mask out unwanted write bits
It turns out that pseudo's decision not to report errors from the host system's fchmodat() can break GNU tar in a very strange way, resulting in directories being mode 0700 instead of whatever they should have been. Additionally, it turns out that if you make directories in your rootfs mode 777, that results in the local copies being mode 777, which could allow a hypothetical attacker with access to the machine to add files to your rootfs image. We should mask out the 022 bits when making actual mode changes in the rootfs. This patch represents a backport to the 1.5.1 branch of three patches from the 1.6 branch, because it took a couple of tries to get this quite right. Signed-off-by: Peter Seebach <peter.seebach@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com>
Diffstat (limited to 'meta/classes/python-dir.bbclass')
0 files changed, 0 insertions, 0 deletions