Skip to content
Permalink
Browse files Browse the repository at this point in the history
oops; fa06a34 had a nasty bug for fresh installs
thanks to Nathan Ferch for catching this.  See thread with subject line "World
writable files and directories" on the mailing list.
  • Loading branch information
sitaramc committed Oct 21, 2013
1 parent aae4162 commit 3dad4f8
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion src/lib/Gitolite/Rc.pm
Expand Up @@ -93,7 +93,7 @@ do $ENV{G3T_RC} if exists $ENV{G3T_RC} and -r $ENV{G3T_RC};
# setup some perl/rc/env vars, plus umask
# ----------------------------------------------------------------------

umask $rc{UMASK};
umask ( $rc{UMASK} || 0077 );

unshift @INC, "$rc{LOCAL_CODE}/lib" if $rc{LOCAL_CODE};

Expand Down

3 comments on commit 3dad4f8

@abergmann
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

CVE-2013-4451 was assigned to this issue.

@kfern
Copy link

@kfern kfern commented on 3dad4f8 Nov 20, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

CVSS v3.0 Severity and Metrics: Base Score: 9.8 CRITICAL

Any hack or solution?

@sitaramc
Copy link
Owner Author

@sitaramc sitaramc commented on 3dad4f8 Nov 20, 2018 via email

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please sign in to comment.