Lax permissions in top-level dir

Hi, while investigating ruby testsuite warnings/failures ("Insecure world writable dir /builds/lts-team/packages/ruby/debian in PATH, mode 040777"), I noticed lax/open (o+w) permissions:

drwxrwxrwx  27 root     root         4096 Jul 17 14:32 /builds/lts-team/packages/ruby/
drwxrwxrwx   8 root     root         4096 Jul 17 14:32 /builds/lts-team/packages/ruby/debian

It only gets saner below:

drwxr-xr-x   3 salsaci  salsaci      4096 Jul 17 14:33 /builds/lts-team/packages/ruby/debian/output

https://salsa.debian.org/lts-team/packages/ruby/-/jobs/5985279/raw

These permissions are surprising, possibly insecure even for the CI job, and cause issues. They probably need to be fixed (o-w).

Since the files are owned by root, I believe this is unrelated to the ruby build itself.

Opening this ticket after discussing with @santiago :)

Edited Jul 17, 2024 by Sylvain Beucler

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information