ports/opt (3.0): [notify]: security setuptools world writable files fix

crux at crux.nu crux at crux.nu
Sun Jan 26 00:49:29 UTC 2014


commit b690d770fcc5dcee138a9aa7a33497ac60c34741
Author: Danny Rawlins <monster.romster at gmail.com>
Date:   Sun Jan 26 11:48:44 2014 +1100

    [notify]: security setuptools world writable files fix

diff --git a/setuptools/.footprint b/setuptools/.footprint
index 874744f..c10c79e 100644
--- a/setuptools/.footprint
+++ b/setuptools/.footprint
@@ -19,15 +19,15 @@ drwxr-xr-x	root/root	usr/lib/python2.7/site-packages/_markerlib/
 -rw-r--r--	root/root	usr/lib/python2.7/site-packages/pkg_resources.pyc
 -rw-r--r--	root/root	usr/lib/python2.7/site-packages/pkg_resources.pyo
 drwxr-xr-x	root/root	usr/lib/python2.7/site-packages/setuptools-2.1-py2.7.egg-info/
--rw-rw-rw-	root/root	usr/lib/python2.7/site-packages/setuptools-2.1-py2.7.egg-info/PKG-INFO
--rw-rw-rw-	root/root	usr/lib/python2.7/site-packages/setuptools-2.1-py2.7.egg-info/SOURCES.txt
--rw-rw-rw-	root/root	usr/lib/python2.7/site-packages/setuptools-2.1-py2.7.egg-info/dependency_links.txt
--rw-rw-rw-	root/root	usr/lib/python2.7/site-packages/setuptools-2.1-py2.7.egg-info/entry_points.txt
--rw-rw-rw-	root/root	usr/lib/python2.7/site-packages/setuptools-2.1-py2.7.egg-info/entry_points.txt.orig
--rw-rw-rw-	root/root	usr/lib/python2.7/site-packages/setuptools-2.1-py2.7.egg-info/requires.txt
--rw-rw-rw-	root/root	usr/lib/python2.7/site-packages/setuptools-2.1-py2.7.egg-info/requires.txt.orig
--rw-rw-rw-	root/root	usr/lib/python2.7/site-packages/setuptools-2.1-py2.7.egg-info/top_level.txt
--rw-rw-rw-	root/root	usr/lib/python2.7/site-packages/setuptools-2.1-py2.7.egg-info/zip-safe
+-rw-rw-r--	root/root	usr/lib/python2.7/site-packages/setuptools-2.1-py2.7.egg-info/PKG-INFO
+-rw-rw-r--	root/root	usr/lib/python2.7/site-packages/setuptools-2.1-py2.7.egg-info/SOURCES.txt
+-rw-rw-r--	root/root	usr/lib/python2.7/site-packages/setuptools-2.1-py2.7.egg-info/dependency_links.txt
+-rw-rw-r--	root/root	usr/lib/python2.7/site-packages/setuptools-2.1-py2.7.egg-info/entry_points.txt
+-rw-rw-r--	root/root	usr/lib/python2.7/site-packages/setuptools-2.1-py2.7.egg-info/entry_points.txt.orig
+-rw-rw-r--	root/root	usr/lib/python2.7/site-packages/setuptools-2.1-py2.7.egg-info/requires.txt
+-rw-rw-r--	root/root	usr/lib/python2.7/site-packages/setuptools-2.1-py2.7.egg-info/requires.txt.orig
+-rw-rw-r--	root/root	usr/lib/python2.7/site-packages/setuptools-2.1-py2.7.egg-info/top_level.txt
+-rw-rw-r--	root/root	usr/lib/python2.7/site-packages/setuptools-2.1-py2.7.egg-info/zip-safe
 drwxr-xr-x	root/root	usr/lib/python2.7/site-packages/setuptools/
 -rw-r--r--	root/root	usr/lib/python2.7/site-packages/setuptools/__init__.py
 -rw-r--r--	root/root	usr/lib/python2.7/site-packages/setuptools/__init__.pyc
diff --git a/setuptools/Pkgfile b/setuptools/Pkgfile
index 9c541f1..6685001 100644
--- a/setuptools/Pkgfile
+++ b/setuptools/Pkgfile
@@ -6,7 +6,7 @@
 
 name=setuptools
 version=2.1
-release=1
+release=2
 source=(http://pypi.python.org/packages/source/s/$name/$name-$version.tar.gz)
 
 build() {
@@ -19,4 +19,6 @@ build() {
 		--root=$PKG \
 		--optimize=1 \
 		--skip-build
+
+	chmod o-w -R $PKG/usr/lib/python2.7/site-packages/setuptools-*-py*.egg-info
 }



More information about the CRUX mailing list