This is an automated email from the git hooks/post-receive script. x2go pushed a commit to branch master in repository x2goserver. commit 21505a5a9c9d072121384f18d662c623693f84a1 Author: Mike Gabriel <mike.gabriel@das-netzwerkteam.de> Date: Tue Aug 14 16:29:47 2018 +0200 debian/*.postinst: Avoid recursive chmod/chown. Recursive chown/chmod is susceptible to hardlink attacks on mainline, non-Debian kernels. --- debian/libx2go-server-db-perl.postinst | 3 ++- debian/x2goserver-printing.postinst | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/debian/libx2go-server-db-perl.postinst b/debian/libx2go-server-db-perl.postinst index 5a99ff5..13bf0c5 100755 --- a/debian/libx2go-server-db-perl.postinst +++ b/debian/libx2go-server-db-perl.postinst @@ -43,7 +43,8 @@ case "${1}" in x2godbadmin --createdb else # make sure db permissions are set correctly - chown -R 'root:x2gouser' '/var/lib/x2go' + chown 'x2gouser:x2gouser' '/var/lib/x2go' + chown 'root:x2gouser' '/var/lib/x2go/x2go_sessions' # egid x2gouser needs write access to the db dir (for temporary db journal file) chmod '0770' '/var/lib/x2go' # ... and to the db file itself, of course diff --git a/debian/x2goserver-printing.postinst b/debian/x2goserver-printing.postinst index 3d7cf9f..66b70ea 100755 --- a/debian/x2goserver-printing.postinst +++ b/debian/x2goserver-printing.postinst @@ -60,7 +60,7 @@ case "${1}" in fi # make sure x2goprint spool dir permissions are set correctly - chown -R 'x2goprint:x2goprint' '/var/spool/x2goprint' + chown 'x2goprint:x2goprint' '/var/spool/x2goprint' # egid x2goprint needs write access to the spool dir chmod '0700' '/var/spool/x2goprint' -- Alioth's /home/x2go-admin/maintenancescripts/git/hooks/post-receive-email on /srv/git/code.x2go.org/x2goserver.git