On 2020/03/12 10:40, Christopher Zimmermann wrote:
> Hi,
>
> I regularly receive warnings from security(8) about group writable mpd home
> directory. Is there a reason this needs to be group writable?
> OK to drop the group-write bit?
How does this help? The mpd user's home directory is /var/empty.
$ cvs blame pkg/PLIST |grep newuser
Annotations for pkg/PLIST
***************
1.1 (bernd 13-May-06): @newuser _mpd:560:560:daemon:Music Player
Daemon:/var/empty:/sbin/nologin
>
> Christopher
>
>
> Index: Makefile
> ===================================================================
> RCS file: /cvs/ports/audio/mpd/Makefile,v
> retrieving revision 1.125
> diff -u -p -r1.125 Makefile
> --- Makefile 17 Oct 2019 11:19:21 -0000 1.125
> +++ Makefile 12 Mar 2020 09:37:41 -0000
> @@ -3,6 +3,7 @@
> BROKEN-hppa = no atomic ops
> COMMENT = Music Player Daemon
> VER = 0.21.16
> +REVISION = 0
> DISTNAME = mpd-${VER}
> EXTRACT_SUFX = .tar.xz
> CATEGORIES = audio
> Index: pkg/PLIST
> ===================================================================
> RCS file: /cvs/ports/audio/mpd/pkg/PLIST,v
> retrieving revision 1.13
> diff -u -p -r1.13 PLIST
> --- pkg/PLIST 15 Aug 2019 05:44:37 -0000 1.13
> +++ pkg/PLIST 12 Mar 2020 09:37:41 -0000
> @@ -16,7 +16,7 @@ share/doc/mpd/README.md
> share/examples/mpd/
> share/examples/mpd/mpd.conf
> @sample ${SYSCONFDIR}/mpd.conf
> -@mode 770
> +@mode 750
> @owner _mpd
> @group _mpd
> @sample /var/log/mpd/
>
>
> --
> http://gmerlin.de
> OpenPGP: http://gmerlin.de/christopher.pub
> CB07 DA40 B0B6 571D 35E2 0DEF 87E2 92A7 13E5 DEE1
>
