Ruby: World-writable directory in PATH. #25801
-
I’m running Even if mine is the only process in the virtual environment (mitigating any practical security concerns), I’d still love to keep the build warning-free. I’m currently working around this one by running Thoughts? Thank you! |
Beta Was this translation helpful? Give feedback.
Replies: 2 comments
-
Hi Matthew, Thank you for taking time to report this! This warning is due to the directory has been added to your $PATH(the list of directories the OS searches when trying to find an executable to launch), and permission is writable anyone can write to. This is potential a security problem, Ruby notices this and issues the warning. However, the hosted-github runner is a temporary virtual environment which will be deprecated after workflow run complete. GitHub hosts Linux and Windows runner is a fork of azure pipeline agent, it’s safe and protected. In addition, make the directory in $PATH un-writable by default will cause other problems. As a workaround, please use below command to change the permissions of the directory so that it is no longer world writable. chmod go-w /directory Thanks. |
Beta Was this translation helpful? Give feedback.
-
Thanks, @weide-zhou, I appreciate your taking the time to respond, and I’m happy to hear this will only be an issue during the beta period. I had previously tried the chmod route, but I didn’t think to try sudo. Good to know that’ll work! |
Beta Was this translation helpful? Give feedback.
Hi Matthew,
Thank you for taking time to report this!
This warning is due to the directory has been added to your $PATH(the list of directories the OS searches when trying to find an executable to launch), and permission is writable anyone can write to. This is potential a security problem, Ruby notices this and issues the warning.
However, the hosted-github runner is a temporary virtual environment which will be deprecated after workflow run complete. GitHub hosts Linux and Windows runner is a fork of azure pipeline agent, it’s safe and protected. In addition, make the directory in $PATH un-writable by default will cause other problems.
As a workaround, please use below command to cha…