From ecbdd241f7e8e28f1057781c4ac2013e8d476288 Mon Sep 17 00:00:00 2001 From: Zac Medico Date: Wed, 19 Jan 2011 11:02:30 -0800 Subject: dispatch-conf: restrict default archive-dir perms Also, add warnings about rcs and ci behavior in dispatch-conf.conf and dispatch-conf.1. This will fix bug #315603. --- cnf/dispatch-conf.conf | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'cnf') diff --git a/cnf/dispatch-conf.conf b/cnf/dispatch-conf.conf index 33ad156e6..b51b61ae1 100644 --- a/cnf/dispatch-conf.conf +++ b/cnf/dispatch-conf.conf @@ -6,6 +6,14 @@ archive-dir=/etc/config-archive # Use rcs for storing files in the archive directory? +# WARNING: When configured to use rcs, read and execute permissions of +# archived files may be inherited from the first check in of a working +# file, as documented in the ci(1) man page. This means that even if +# the permissions of the working file have since changed, the older +# permissions of the first check in may be inherited. As mentioned in +# the ci(1) man page, users can control access to RCS files by setting +# the permissions of the directory containing the files (see +# archive-dir above). # (yes or no) use-rcs=no -- cgit v1.2.3-1-g7c22