diff options
author | elijah <elijah@riseup.net> | 2013-07-10 10:44:25 -0700 |
---|---|---|
committer | elijah <elijah@riseup.net> | 2013-07-10 10:44:25 -0700 |
commit | df68d335c9c6fa8fd1638fb023b55f0993e43fe4 (patch) | |
tree | ecea064dcac02afdcbbe977297fd8f25b570b0ad /lib | |
parent | 7f4dea648d1f5a6b357933706abdb0f902043172 (diff) | |
download | leap_cli-df68d335c9c6fa8fd1638fb023b55f0993e43fe4.tar.gz leap_cli-df68d335c9c6fa8fd1638fb023b55f0993e43fe4.tar.bz2 |
security fix - for a little while now, since the switch to rsync_command, permissions on rsync'ed files allowed world read. bad bad. now permissions are limited to root.
Diffstat (limited to 'lib')
-rw-r--r-- | lib/leap_cli/remote/rsync_plugin.rb | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/leap_cli/remote/rsync_plugin.rb b/lib/leap_cli/remote/rsync_plugin.rb index 2c89f26..495ca1d 100644 --- a/lib/leap_cli/remote/rsync_plugin.rb +++ b/lib/leap_cli/remote/rsync_plugin.rb @@ -14,7 +14,7 @@ module LeapCli; module Remote; module RsyncPlugin # {:source => '', :dest => '', :flags => '', :includes => [], :excludes => []} # def update - rsync = RsyncCommand.new(:logger => logger, :flags => '-a') + rsync = RsyncCommand.new(:logger => logger, :flags => '-rltp --chmod=u+rX,go-rwx') rsync.asynchronously(find_servers) do |server| options = yield server next unless options |