ac3cloud / roust

Ruby client for Request Tracker's REST API
Other
6 stars 4 forks source link

INF-777 fix up restrictive file permissions in gem #26

Closed nerdyness closed 8 years ago

nerdyness commented 8 years ago

Thanks to @erdgeist for discovering this. :+1:

erdgeist commented 8 years ago

I do not think that changing file permissions from 0755 to 0644 in the repository will fix the problem, as my current checkout from master does not have broken permission.

It seems that the issue was introduced, when the tar archives inside the gem bundles were rolled from a checkout on someone's system, where the permissions were wrong.

It just needs to be re-bundled.

nerdyness commented 8 years ago

I do not think that changing file permissions from 0755 to 0644 in the repository will fix the problem, as my current checkout from master does not have broken permission.

You're right, I didn't even take note of the permissions, I just changed it to what I think it should be.

It seems that the issue was introduced, when the tar archives inside the gem bundles were rolled from a checkout on someone's system, where the permissions were wrong.

Yeah, that's me. I'm running some crazy umask that sets permissions to user only.

It just needs to be re-bundled.

This is the bit I'm struggling with. Can you explain what you mean by that? Happy to do it for you I'm just not sure what needs to be done. Thanks @erdgeist

erdgeist commented 8 years ago

Yeah, that's me. I'm running some crazy umask that sets permissions to user only.

When would you set this umask? Do you physically run "gem build" on your system? If so, why do the permissions differ?

A gem basically is a tar archive that contains some meta data, checksums and a data.tar.gz which in turn is a tar ball containing the actual code of your gem. If you decompress and unarchive this, you end up with an approximate snapshot of what was on your hard drive when you ran gem build on May 14th, 2015. Look here https://gist.github.com/erdgeist/8a0ce8020ccf48362ef699817465b852

All I am asking is for you to get a clean checkout out the project again, do a find . -ls in the project to ensure there's no file with -rw------- permissions, then bump the gem's version number, run the gem build again and you should be done. If you're unsure, I can take another look at the gem file.

nerdyness commented 8 years ago

Thanks for your help, @erdgeist! I've pushed a new version of the gem (1.8.8) to rubygems and it has at the very least world-readable permissions.

Please re-open the issue if this doesn't fix the issue.