summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorsimonraven <simonraven@web>2009-05-19 02:19:29 -0400
committerJoey Hess <joey@kitenet.net>2009-05-19 02:19:29 -0400
commit9df6ef9c861bec06a2cae7ec8b8c5d6725392035 (patch)
treee3cc049ad934a2856dacbcd6c37c016e658a8928
parent0e82950125d9f6182689cf74921dbb57f1140f96 (diff)
-rw-r--r--doc/bugs/Insecure_dependency_in_mkdir.mdwn35
1 files changed, 35 insertions, 0 deletions
diff --git a/doc/bugs/Insecure_dependency_in_mkdir.mdwn b/doc/bugs/Insecure_dependency_in_mkdir.mdwn
index 72e503019..28304b3d3 100644
--- a/doc/bugs/Insecure_dependency_in_mkdir.mdwn
+++ b/doc/bugs/Insecure_dependency_in_mkdir.mdwn
@@ -92,3 +92,38 @@ I can't see any related entries. Any ideas?
>>>> Since version 2.40, taint checking has been disabled by
>>>> default due to the underlying perl bug. Unless you
>>>> build ikiwiki with NOTAINT=0. --[[Joey]]
+
+>>>> Hi, nope not doing this. Um, sorry, v. 3.13. I've no idea why it suddenly started doing this.
+>>>> It wasn't before. I've been messing around IkiWiki.pm to see if I can set
+>>>> a umask for `mkdir`.
+
+line 775 and down:
++ umask ($config{umask} || 0022);
+
+>>>> I figured it *might* be the `umask`, but I'll see in a few when / if it gets past that in the build. No; I keep getting garbage during the brokenlinks test
+
+<pre>
+t/basewiki_brokenlinks.....Insecure dependency in mkdir while running with -T switch at IkiWiki.pm line 776.
+
+# Failed test at t/basewiki_brokenlinks.t line 11.
+
+# Failed test at t/basewiki_brokenlinks.t line 19.
+
+
+broken links found
+&lt;li>shortcut from &lt;a href="./shortcuts/">shortcuts&lt;/a>&lt;/li>&lt;/ul>
+
+
+
+# Failed test at t/basewiki_brokenlinks.t line 25.
+Insecure dependency in mkdir while running with -T switch at IkiWiki.pm line 776.
+
+# Failed test at t/basewiki_brokenlinks.t line 11.
+
+# Failed test at t/basewiki_brokenlinks.t line 25.
+# Looks like you failed 5 tests of 12.
+dubious
+ Test returned status 5 (wstat 1280, 0x500)
+</pre>
+
+>>>> I get this over and over... I haven't touched that AFAICT, at all. --[[simonraven]]