From: Yui NARUSE Date: 2011-06-26T19:20:16+09:00 Subject: [ruby-core:37508] [Ruby 1.9 - Bug #4930][Assigned] $prefix/lib/ruby/gems and its subdirs are world writable Issue #4930 has been updated by Yui NARUSE. Status changed from Open to Assigned Assignee set to Ryan Davis ---------------------------------------- Bug #4930: $prefix/lib/ruby/gems and its subdirs are world writable http://redmine.ruby-lang.org/issues/4930 Author: Sakuro OZAWA Status: Assigned Priority: Normal Assignee: Ryan Davis Category: Target version: ruby -v: ruby 1.9.3dev (2011-06-26 trunk 32231) [x86_64-darwin10.8.0] =begin $ sudo rm -rf /usr/local/lib/ruby $ umask 022 $ sudo sh -c umask 0022 $ sudo make install-nodoc ./miniruby -I../lib -I. -I.ext/common ../tool/rbinstall.rb --make="make" --dest-dir="" --extout=".ext" --mflags="" --make-flags="" --data-mode=0644 --prog-mode=0755 --installed-list .installed.list --mantype="doc" installing binary commands: /usr/local/bin installing base libraries: /usr/local/lib installing default gems: /usr/local/lib/ruby/gems/1.9.1 (cache, doc, gems, specifications) rake 0.9.2 rdoc 3.7 minitest 2.2.2 json 1.5.0 =end Now let's examine permissions. =begin $ ls -l /usr/local/lib/ruby total 0 drwxr-xr-x 112 root wheel 3808 2011-06-26 18:31 1.9.1 drwxrwxrwx 3 root wheel 102 2011-06-26 18:31 gems drwxr-xr-x 3 root wheel 102 2011-06-26 18:31 site_ruby drwxr-xr-x 3 root wheel 102 2011-06-26 18:31 vendor_ruby $ gfind /usr/local/lib/ruby -type d -perm /022 /usr/local/lib/ruby/gems /usr/local/lib/ruby/gems/1.9.1 /usr/local/lib/ruby/gems/1.9.1/cache /usr/local/lib/ruby/gems/1.9.1/doc /usr/local/lib/ruby/gems/1.9.1/gems /usr/local/lib/ruby/gems/1.9.1/specifications =end I don't think these directories should be writable by anyone. -- http://redmine.ruby-lang.org