Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Use standard file modes in apt package #3122

Closed
pabl0 opened this issue Feb 7, 2019 · 1 comment
Closed

Use standard file modes in apt package #3122

pabl0 opened this issue Feb 7, 2019 · 1 comment

Comments

@pabl0
Copy link

pabl0 commented Feb 7, 2019

Bug Description

(Non-executable) files under /opt/Signal (and the directory itself) have non-standard permissions.
As per Debian Policy (10.9) "Files should be owned by root:root, and made writable only by the owner and universally readable (and executable, if appropriate), that is mode 644 or 755".

However, the package installs files with 664 permissions and directories with 775, instead of 644 and 755. In other words, the files (except the excutables) are writeable by the root group.

This is not a big deal and should not cause any security issues under normal circumstances, but it is still non-standard and looks strange. I feel that even though Signal-Desktop is a 3rd party package, and not currently a part of Debian proper (I hope some day it will be), it would still be nice to follow the Debian Policy whenever possible.

Steps to Reproduce

  1. apt install signal-desktpo
  2. ls -ld /opt/Signal

Actual Result:

drwxrwxr-x 1 root root 578 2019-02-06 19:25 /opt/Signal/

Expected Result:

drwxr-xr-x 1 root root 578 2019-02-06 19:25 /opt/Signal/

Platform Info

Signal Version:

1.21.0

Operating System:

Debian 9.7.

@scottnonnenberg-signal scottnonnenberg-signal changed the title Incorrect file modes in Debian package Use standard file modes in apt package Feb 7, 2019
@stale
Copy link

stale bot commented Sep 28, 2021

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Development

No branches or pull requests

3 participants