aboutsummaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
authorelijah <elijah@riseup.net>2013-07-10 10:44:25 -0700
committerelijah <elijah@riseup.net>2013-07-10 10:44:25 -0700
commitdf68d335c9c6fa8fd1638fb023b55f0993e43fe4 (patch)
treeecea064dcac02afdcbbe977297fd8f25b570b0ad /lib
parent7f4dea648d1f5a6b357933706abdb0f902043172 (diff)
downloadleap_cli-df68d335c9c6fa8fd1638fb023b55f0993e43fe4.tar.gz
leap_cli-df68d335c9c6fa8fd1638fb023b55f0993e43fe4.tar.bz2
security fix - for a little while now, since the switch to rsync_command, permissions on rsync'ed files allowed world read. bad bad. now permissions are limited to root.
Diffstat (limited to 'lib')
-rw-r--r--lib/leap_cli/remote/rsync_plugin.rb2
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/leap_cli/remote/rsync_plugin.rb b/lib/leap_cli/remote/rsync_plugin.rb
index 2c89f26..495ca1d 100644
--- a/lib/leap_cli/remote/rsync_plugin.rb
+++ b/lib/leap_cli/remote/rsync_plugin.rb
@@ -14,7 +14,7 @@ module LeapCli; module Remote; module RsyncPlugin
# {:source => '', :dest => '', :flags => '', :includes => [], :excludes => []}
#
def update
- rsync = RsyncCommand.new(:logger => logger, :flags => '-a')
+ rsync = RsyncCommand.new(:logger => logger, :flags => '-rltp --chmod=u+rX,go-rwx')
rsync.asynchronously(find_servers) do |server|
options = yield server
next unless options