projects / mirror / dsa-puppet.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: a6293df) | patch
rsync-ssh-wrap: force the permissions of uploaded files
authorAurelien Jarno <aurelien@aurel32.net>
Wed, 14 Feb 2018 16:33:17 +0000 (17:33 +0100)
committerAurelien Jarno <aurelien@aurel32.net>
Wed, 14 Feb 2018 16:33:17 +0000 (17:33 +0100)
commitf4a8a766c3bd060ea9b2c8c8c75ae052b89df4b9
tree4738f74be2f27bac804118e69fe3ac9d4a6d405atree | snapshot
parenta6293df3e302edf59fdd7caedefc83210f4482eacommit | diff
rsync-ssh-wrap: force the permissions of uploaded files

dupload calls rsync with -p, causing the uploaded files to be world
readable, despite the ACL of the upload directory (see bug#876900).
This is an issue for security uploads.

This has been fixed in sid, but not yet in stretch. In the meantime
force the permissions to 0640 at the wrapper level.

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
modules/roles/files/ssh_upload/rsync-ssh-wrap diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.