Mac Sandbox: To protect authenticators in init_data.xml files, make slots directory group boinc_project and not world-executable,

svn path=/trunk/boinc/; revision=20272
2010-01-27 07:50:07 +00:00 · 2010-01-27 07:50:07 +00:00 · a34e16f3a9
parent e236d3dc22
commit a34e16f3a9
2 changed files with 5 additions and 3 deletions
--- a/1
+++ b/1
@ -722,4 +722,5 @@ Charlie  26 Jan 2010
        mac/
            SetupSecurity.cpp
    mac_build/
+        Mac_SA_Insecure.sh
        Mac_SA_Secure.sh
--- a/mac_build/Mac_SA_Insecure.sh
+++ b/mac_build/Mac_SA_Insecure.sh
@ -41,8 +41,9 @@
 # the --insecure option.
 # NOTE: running BOINC with security disabled is not recommended.
 #
-# Last updated 9/1/09 for BOINC version 6.8.17 and 6.10.3
-# WARNING: do not use this script with older versions of BOINC
+# Last updated 1/26/10 for BOINC versions 6.8.19, 6.10.30 and 6.11.1 
+# WARNING: do not use this script with older versions of BOINC older 
+# than 6.8.17 and 6.10.3

 function remove_boinc_users() {
    name=$(dscl . search /users RecordName boinc_master | cut -f1 -s)
@ -99,7 +100,7 @@ then
 fi

 chown -R ${user}:${group} .
-chmod -R u+rw-s,g+r-w-s,o+r-w .
+chmod -R +Xu+rw-s,g+r-w-s,o+r-w .
 chmod 600 gui_rpc_auth.cfg

 if [ -f switcher/AppStats ] ; then