Mirrors/inspec
2
0
Fork 0
mirror of https://github.com/inspec/inspec synced 2025-02-17 06:28:40 +00:00
Code Issues Projects Releases Packages Wiki Activity

habitat package: Prevent world-writable files in gems

Browse source 
Signed-off-by: Jay Mundrawala <jay@thechamberofunderstanding.com>
This commit is contained in:
Clinton Wolfe 2019-01-22 15:54:04 -05:00 committed by GitHub
commit 45d7a579f0
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
habitat/plan.sh
View file

@ -47,6 +47,10 @@ do_install() {
popd
wrap_inspec_bin
# Certain gems (timeliness) are getting installed with world writable files
# This is removing write bits for group and other.
find "$GEM_HOME" -xdev -perm -0002 -type f -print 2>/dev/null | xargs -I '{}' chmod go-w '{}'
}
# Need to wrap the InSpec binary to ensure paths are correct