Package: xsane Version: 0.997-2 Severity: wishlist Tags: patch User: ubuntu-de...@lists.ubuntu.com Usertags: origin-ubuntu maverick ubuntu-patch
xsane overwrites the user's umask to 0007, and creates ~/.sane and other files with the according 770 permissions on directories and 660 on files containing the printer description. This is dangerous in a multiuser environment. This bug was originally reported on Launchpad: https://bugs.launchpad.net/ubuntu/+source/xsane/+bug/611950 *** /tmp/tmpqQRphP In Ubuntu, we've applied the attached patch to achieve the following: [Adrien Thebo] * Fix umask permitions (LP: #611950) - debian/patches/fix_umask_permitions.patch We thought you might be interested in doing the same. -- System Information: Debian Release: squeeze/sid APT prefers lucid-updates APT policy: (500, 'lucid-updates'), (500, 'lucid-security'), (500, 'lucid-proposed'), (500, 'lucid-backports'), (500, 'lucid') Architecture: i386 (i686) Kernel: Linux 2.6.32-24-generic (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash
=== modified file 'debian/changelog' === added file 'debian/patches/fix_umaks_permitions.patch' --- debian/patches/fix_umaks_permitions.patch 1970-01-01 00:00:00 +0000 +++ debian/patches/fix_umaks_permitions.patch 2010-08-14 15:50:49 +0000 @@ -0,0 +1,13 @@ +Index: xsane/src/xsane.h +=================================================================== +--- xsane.orig/src/xsane.h 2010-08-14 02:37:42.830513543 -0500 ++++ xsane/src/xsane.h 2010-08-14 02:38:01.763579047 -0500 +@@ -104,7 +104,7 @@ + #define XSANE_DEBUG_ENVIRONMENT "XSANE_DEBUG" + + #define XSANE_PROGRESS_BAR_MIN_DELTA_PERCENT 0.025 +-#define XSANE_DEFAULT_UMASK 0007 ++#define XSANE_DEFAULT_UMASK 0077 + #define XSANE_HOLD_TIME 200 + #define XSANE_CONTINUOUS_HOLD_TIME 10 + #define XSANE_DEFAULT_DEVICE "SANE_DEFAULT_DEVICE" === modified file 'debian/patches/series' --- debian/patches/series 2010-06-21 12:50:50 +0000 +++ debian/patches/series 2010-08-14 15:50:49 +0000 @@ -12,3 +12,4 @@ fix_preview_mouse_events.patch fix_spin_button_pagesize.patch pot_desktop_msgid.patch +fix_umaks_permitions.patch === modified file 'src/xsane.h' --- src/xsane.h 2010-06-21 12:50:50 +0000 +++ src/xsane.h 2010-08-14 15:50:49 +0000 @@ -104,7 +104,7 @@ #define XSANE_DEBUG_ENVIRONMENT "XSANE_DEBUG" #define XSANE_PROGRESS_BAR_MIN_DELTA_PERCENT 0.025 -#define XSANE_DEFAULT_UMASK 0007 +#define XSANE_DEFAULT_UMASK 0077 #define XSANE_HOLD_TIME 200 #define XSANE_CONTINUOUS_HOLD_TIME 10 #define XSANE_DEFAULT_DEVICE "SANE_DEFAULT_DEVICE"
