Fedora has issued an advisory on February 24: http://lists.fedoraproject.org/pipermail/package-announce/2013-March/099643.html The change they made is this: http://pkgs.fedoraproject.org/cgit/nginx.git/commit/?id=0b5a896201729695a64278faabd3f9ea823fd1b6 Our spec is clearly based on theirs, so we might want this change, just for that reason. Otherwise, I'm not sure it's strictly neccesary, as we have msec which changes those directories to 700 in secure mode. I suppose you could have a system without msec and maybe argue that it should install with 700 out of the box. Either way, I see no reason to issue an update for Mageia 2 for this, but if it's desirable, this change could be made in Cauldron. Reproducible: Steps to Reproduce:
CC: (none) => guillomovitch, shikamaru
Deciding which file permissions are needed is highly context-dependant. That's why it does make sense to allow the end user to eventually modify then after installation if needed. But there is not much reason to enforce a specific set of permissions in the package itself. And excepted for very objectives reasons, such as mandatory presence of a password in a configuration file, I'd prefer to stick with default 644/755 default for any file or directory, for every package. Otherwise we'll quickly have a patchwork of default perms according to each maintainer sensibility... So, I don't think that change is either needed, nor even desirable in the package itself. However, defining nginx-specific file perms in msec could be eventually interesting.
Thanks Guillaume. I'm marking this as WONTFIX.
Status: NEW => RESOLVEDResolution: (none) => WONTFIX