numbas / numbas-lti-provider

An LTI tool provider to run Numbas exams
https://docs.numbas.org.uk/lti/en/latest/

house keeping: executable files #279

Closed twoodcock closed 10 months ago

twoodcock commented 10 months ago

File this under "house keeping". To quote one of my co-workers, if this is exploitable, you have bigger problems.

Why are 3 random files executable? I have v3_stable checked out.

These files are executable:

- ./numbas_lti/templates/numbas_lti/management/resource_remark_iframe.html
- ./numbas_lti/static/resource_remark_iframe.js
- ./numbas_lti/views/resource.py

It is also troubling that the Ubuntu installation instructions tell you to make files executable: chmod 770. The line in particular is `chmod -R 770 /opt/numbas_lti_python`, run after populating the Python virtual environment with files. (The other ones are right after directory creation; leaving the -R off would make no difference.)

Instead of chmod 770, I recommend `chmod u+rwX` and `chmod g+rwX`, X meaning set directories as executable (so the user can read inside) and leave all other files alone.
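
As an added example (not code from this issue or from numbas-lti-provider), the POSIX shell script below builds a small constructed tree and shows what the two chmod variants discussed above actually do to it, then lists files that ended up with an execute bit but no shebang, the pattern the three stray files in this report fit. It assumes GNU or BSD stat(1) and find(1), and combines the two recommended commands into a single `chmod -R u+rwX,g+rwX`; the tree contents are constructed for the demonstration.

```sh
# Added example (not from numbas-lti-provider): contrast "chmod -R 770" with
# "chmod -R u+rwX,g+rwX" on a constructed tree, then look for the kind of
# stray executable the issue reports. Assumes POSIX sh and GNU or BSD stat(1).

# Octal mode of a path: GNU stat first, BSD stat as the fallback.
mode_of() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# Constructed tree standing in for a populated virtualenv: a directory, a plain
# module that must stay non-executable, and a script that is meant to run.
make_tree() {
    t=$(mktemp -d "${TMPDIR:-/tmp}/permdemo.XXXXXX")
    mkdir "$t/lib"
    printf 'x = 1\n' > "$t/lib/module.py"
    printf '#!/bin/sh\necho hi\n' > "$t/run.sh"
    chmod 755 "$t/lib" "$t/run.sh"
    chmod 644 "$t/lib/module.py"
    printf '%s\n' "$t"
}

# Apply mode $1 recursively to a fresh tree; print "<lib> <module.py> <run.sh>".
modes_after() {
    t=$(make_tree)
    chmod -R "$1" "$t"
    printf '%s %s %s\n' "$(mode_of "$t/lib")" \
        "$(mode_of "$t/lib/module.py")" "$(mode_of "$t/run.sh")"
    rm -rf "$t"
}

# Regular files under $1 with the owner execute bit but no shebang line:
# the .html/.js/.py oddities from the issue would show up here.
stray_executables() {
    find "$1" -type f -perm -100 | while IFS= read -r f; do
        head -c 2 "$f" | grep -q '^#!' || printf '%s\n' "$f"
    done
}

# Count of stray executables left behind after "chmod -R $1" on a fresh tree.
stray_count_after() {
    t=$(make_tree)
    chmod -R "$1" "$t"
    stray_executables "$t" | wc -l | tr -d ' '
    rm -rf "$t"
}

modes_after 770          # prints "770 770 770": module.py is now executable
modes_after u+rwX,g+rwX  # prints "775 664 775": only the dir and the script
stray_count_after 770    # prints "1": lib/module.py
```

Note that `X` also grants execute to files that already have it for some user, so a genuine script keeps its bit while plain modules stay at 664; the `stray_executables` walk is the check worth running over a checkout or install tree after any recursive chmod.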

christianp commented 10 months ago

Oh wow, that's not good! Thanks for pointing this out. It looks like the permissions on those files were changed by 65ea4d8f3cd44a6a123267fdd434faecbf9a374f by @georgestagg. I bet he was on Windows.

The chmod 770 instructions are just carelessness on my part; you're completely right that it's too much. I've gone with your suggestion - it's more readable than the digit form, apart from anything else.