From 4be7bd88fbf4954128ca110a783419abea818a0c Mon Sep 17 00:00:00 2001 From: Earlopain <14981592+Earlopain@users.noreply.github.com> Date: Thu, 19 Dec 2024 22:59:38 +0100 Subject: [PATCH] Remove `ENABLE_PATH_CHECK` workaround Since Ruby 2.7, this warning is not emitted anymore It was removed as part of https://bugs.ruby-lang.org/issues/16131 Here's the output of running `ENV['PATH']` against various ruby versions, when `$PATH` contains a world-writable folder: ``` ===============1.8.7-p374================ -e:1: warning: Insecure world writable dir /app/whatever in PATH, mode 040757 ===============1.9.3-p551================ -e:1: warning: Insecure world writable dir /app/whatever in PATH, mode 040757 ===============2.0.0-p648================ -e:1: warning: Insecure world writable dir /app/whatever in PATH, mode 040757 =================2.1.10================== -e:1: warning: Insecure world writable dir /app/whatever in PATH, mode 040757 =================2.2.10================== -e:1: warning: Insecure world writable dir /app/whatever in PATH, mode 040757 ==================2.3.8================== -e:1: warning: Insecure world writable dir /app/whatever in PATH, mode 040757 =================2.4.10================== -e:1: warning: Insecure world writable dir /app/whatever in PATH, mode 040757 ==================2.5.9================== -e:1: warning: Insecure world writable dir /app/whatever in PATH, mode 040757 =================2.6.10================== -e:1: warning: Insecure world writable dir /app/whatever in PATH, mode 040757 ==================2.7.8================== ==================3.0.7================== ==================3.1.6================== ==================3.2.6================== ==================3.3.6================== ================3.4.0-rc1================ ``` --- 3.1/alpine3.20/Dockerfile | 9 --------- 3.1/alpine3.21/Dockerfile | 9 --------- 3.1/bookworm/Dockerfile | 9 --------- 3.1/bullseye/Dockerfile | 9 --------- 3.1/slim-bookworm/Dockerfile | 9 --------- 3.1/slim-bullseye/Dockerfile | 9 --------- 3.2/alpine3.20/Dockerfile | 9 --------- 3.2/alpine3.21/Dockerfile | 9 --------- 3.2/bookworm/Dockerfile | 9 --------- 3.2/bullseye/Dockerfile | 9 --------- 3.2/slim-bookworm/Dockerfile | 9 --------- 3.2/slim-bullseye/Dockerfile | 9 --------- 3.3/alpine3.20/Dockerfile | 9 --------- 3.3/alpine3.21/Dockerfile | 9 --------- 3.3/bookworm/Dockerfile | 9 --------- 3.3/bullseye/Dockerfile | 9 --------- 3.3/slim-bookworm/Dockerfile | 9 --------- 3.3/slim-bullseye/Dockerfile | 9 --------- 3.4-rc/alpine3.20/Dockerfile | 9 --------- 3.4-rc/alpine3.21/Dockerfile | 9 --------- 3.4-rc/bookworm/Dockerfile | 9 --------- 3.4-rc/bullseye/Dockerfile | 9 --------- 3.4-rc/slim-bookworm/Dockerfile | 9 --------- 3.4-rc/slim-bullseye/Dockerfile | 9 --------- Dockerfile.template | 9 --------- 25 files changed, 225 deletions(-) diff --git a/3.1/alpine3.20/Dockerfile b/3.1/alpine3.20/Dockerfile index f04177227..e48747add 100644 --- a/3.1/alpine3.20/Dockerfile +++ b/3.1/alpine3.20/Dockerfile @@ -81,15 +81,6 @@ RUN set -eux; \ patch -p1 -i thread-stack-fix.patch; \ rm thread-stack-fix.patch; \ \ -# hack in "ENABLE_PATH_CHECK" disabling to suppress: -# warning: Insecure world writable dir - { \ - echo '#define ENABLE_PATH_CHECK 0'; \ - echo; \ - cat file.c; \ - } > file.c.new; \ - mv file.c.new file.c; \ - \ autoconf; \ gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ ./configure \ diff --git a/3.1/alpine3.21/Dockerfile b/3.1/alpine3.21/Dockerfile index 81fe32a00..7845a7fc5 100644 --- a/3.1/alpine3.21/Dockerfile +++ b/3.1/alpine3.21/Dockerfile @@ -81,15 +81,6 @@ RUN set -eux; \ patch -p1 -i thread-stack-fix.patch; \ rm thread-stack-fix.patch; \ \ -# hack in "ENABLE_PATH_CHECK" disabling to suppress: -# warning: Insecure world writable dir - { \ - echo '#define ENABLE_PATH_CHECK 0'; \ - echo; \ - cat file.c; \ - } > file.c.new; \ - mv file.c.new file.c; \ - \ autoconf; \ gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ ./configure \ diff --git a/3.1/bookworm/Dockerfile b/3.1/bookworm/Dockerfile index a2b97e9f3..1935b0a3a 100644 --- a/3.1/bookworm/Dockerfile +++ b/3.1/bookworm/Dockerfile @@ -41,15 +41,6 @@ RUN set -eux; \ \ cd /usr/src/ruby; \ \ -# hack in "ENABLE_PATH_CHECK" disabling to suppress: -# warning: Insecure world writable dir - { \ - echo '#define ENABLE_PATH_CHECK 0'; \ - echo; \ - cat file.c; \ - } > file.c.new; \ - mv file.c.new file.c; \ - \ autoconf; \ gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ ./configure \ diff --git a/3.1/bullseye/Dockerfile b/3.1/bullseye/Dockerfile index 627cd46b6..d59980172 100644 --- a/3.1/bullseye/Dockerfile +++ b/3.1/bullseye/Dockerfile @@ -41,15 +41,6 @@ RUN set -eux; \ \ cd /usr/src/ruby; \ \ -# hack in "ENABLE_PATH_CHECK" disabling to suppress: -# warning: Insecure world writable dir - { \ - echo '#define ENABLE_PATH_CHECK 0'; \ - echo; \ - cat file.c; \ - } > file.c.new; \ - mv file.c.new file.c; \ - \ autoconf; \ gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ ./configure \ diff --git a/3.1/slim-bookworm/Dockerfile b/3.1/slim-bookworm/Dockerfile index eb96f931b..ed762cbf2 100644 --- a/3.1/slim-bookworm/Dockerfile +++ b/3.1/slim-bookworm/Dockerfile @@ -68,15 +68,6 @@ RUN set -eux; \ \ cd /usr/src/ruby; \ \ -# hack in "ENABLE_PATH_CHECK" disabling to suppress: -# warning: Insecure world writable dir - { \ - echo '#define ENABLE_PATH_CHECK 0'; \ - echo; \ - cat file.c; \ - } > file.c.new; \ - mv file.c.new file.c; \ - \ autoconf; \ gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ ./configure \ diff --git a/3.1/slim-bullseye/Dockerfile b/3.1/slim-bullseye/Dockerfile index 3d51740b9..c9ea2d05e 100644 --- a/3.1/slim-bullseye/Dockerfile +++ b/3.1/slim-bullseye/Dockerfile @@ -68,15 +68,6 @@ RUN set -eux; \ \ cd /usr/src/ruby; \ \ -# hack in "ENABLE_PATH_CHECK" disabling to suppress: -# warning: Insecure world writable dir - { \ - echo '#define ENABLE_PATH_CHECK 0'; \ - echo; \ - cat file.c; \ - } > file.c.new; \ - mv file.c.new file.c; \ - \ autoconf; \ gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ ./configure \ diff --git a/3.2/alpine3.20/Dockerfile b/3.2/alpine3.20/Dockerfile index 30919ed40..7c39f11f1 100644 --- a/3.2/alpine3.20/Dockerfile +++ b/3.2/alpine3.20/Dockerfile @@ -103,15 +103,6 @@ RUN set -eux; \ patch -p1 -i thread-stack-fix.patch; \ rm thread-stack-fix.patch; \ \ -# hack in "ENABLE_PATH_CHECK" disabling to suppress: -# warning: Insecure world writable dir - { \ - echo '#define ENABLE_PATH_CHECK 0'; \ - echo; \ - cat file.c; \ - } > file.c.new; \ - mv file.c.new file.c; \ - \ autoconf; \ gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ ./configure \ diff --git a/3.2/alpine3.21/Dockerfile b/3.2/alpine3.21/Dockerfile index 1c1b1a8ba..124f72d41 100644 --- a/3.2/alpine3.21/Dockerfile +++ b/3.2/alpine3.21/Dockerfile @@ -103,15 +103,6 @@ RUN set -eux; \ patch -p1 -i thread-stack-fix.patch; \ rm thread-stack-fix.patch; \ \ -# hack in "ENABLE_PATH_CHECK" disabling to suppress: -# warning: Insecure world writable dir - { \ - echo '#define ENABLE_PATH_CHECK 0'; \ - echo; \ - cat file.c; \ - } > file.c.new; \ - mv file.c.new file.c; \ - \ autoconf; \ gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ ./configure \ diff --git a/3.2/bookworm/Dockerfile b/3.2/bookworm/Dockerfile index 394e1ea1f..b9b35966a 100644 --- a/3.2/bookworm/Dockerfile +++ b/3.2/bookworm/Dockerfile @@ -63,15 +63,6 @@ RUN set -eux; \ \ cd /usr/src/ruby; \ \ -# hack in "ENABLE_PATH_CHECK" disabling to suppress: -# warning: Insecure world writable dir - { \ - echo '#define ENABLE_PATH_CHECK 0'; \ - echo; \ - cat file.c; \ - } > file.c.new; \ - mv file.c.new file.c; \ - \ autoconf; \ gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ ./configure \ diff --git a/3.2/bullseye/Dockerfile b/3.2/bullseye/Dockerfile index 9dbdf061d..64c7fc308 100644 --- a/3.2/bullseye/Dockerfile +++ b/3.2/bullseye/Dockerfile @@ -63,15 +63,6 @@ RUN set -eux; \ \ cd /usr/src/ruby; \ \ -# hack in "ENABLE_PATH_CHECK" disabling to suppress: -# warning: Insecure world writable dir - { \ - echo '#define ENABLE_PATH_CHECK 0'; \ - echo; \ - cat file.c; \ - } > file.c.new; \ - mv file.c.new file.c; \ - \ autoconf; \ gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ ./configure \ diff --git a/3.2/slim-bookworm/Dockerfile b/3.2/slim-bookworm/Dockerfile index 7142b0f35..98b7c9eeb 100644 --- a/3.2/slim-bookworm/Dockerfile +++ b/3.2/slim-bookworm/Dockerfile @@ -90,15 +90,6 @@ RUN set -eux; \ \ cd /usr/src/ruby; \ \ -# hack in "ENABLE_PATH_CHECK" disabling to suppress: -# warning: Insecure world writable dir - { \ - echo '#define ENABLE_PATH_CHECK 0'; \ - echo; \ - cat file.c; \ - } > file.c.new; \ - mv file.c.new file.c; \ - \ autoconf; \ gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ ./configure \ diff --git a/3.2/slim-bullseye/Dockerfile b/3.2/slim-bullseye/Dockerfile index 8d278ff26..f609703da 100644 --- a/3.2/slim-bullseye/Dockerfile +++ b/3.2/slim-bullseye/Dockerfile @@ -90,15 +90,6 @@ RUN set -eux; \ \ cd /usr/src/ruby; \ \ -# hack in "ENABLE_PATH_CHECK" disabling to suppress: -# warning: Insecure world writable dir - { \ - echo '#define ENABLE_PATH_CHECK 0'; \ - echo; \ - cat file.c; \ - } > file.c.new; \ - mv file.c.new file.c; \ - \ autoconf; \ gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ ./configure \ diff --git a/3.3/alpine3.20/Dockerfile b/3.3/alpine3.20/Dockerfile index 4fdc15b5e..53058cd18 100644 --- a/3.3/alpine3.20/Dockerfile +++ b/3.3/alpine3.20/Dockerfile @@ -101,15 +101,6 @@ RUN set -eux; \ patch -p1 -i thread-stack-fix.patch; \ rm thread-stack-fix.patch; \ \ -# hack in "ENABLE_PATH_CHECK" disabling to suppress: -# warning: Insecure world writable dir - { \ - echo '#define ENABLE_PATH_CHECK 0'; \ - echo; \ - cat file.c; \ - } > file.c.new; \ - mv file.c.new file.c; \ - \ autoconf; \ gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ ./configure \ diff --git a/3.3/alpine3.21/Dockerfile b/3.3/alpine3.21/Dockerfile index a12746bb9..63f6cec2a 100644 --- a/3.3/alpine3.21/Dockerfile +++ b/3.3/alpine3.21/Dockerfile @@ -101,15 +101,6 @@ RUN set -eux; \ patch -p1 -i thread-stack-fix.patch; \ rm thread-stack-fix.patch; \ \ -# hack in "ENABLE_PATH_CHECK" disabling to suppress: -# warning: Insecure world writable dir - { \ - echo '#define ENABLE_PATH_CHECK 0'; \ - echo; \ - cat file.c; \ - } > file.c.new; \ - mv file.c.new file.c; \ - \ autoconf; \ gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ ./configure \ diff --git a/3.3/bookworm/Dockerfile b/3.3/bookworm/Dockerfile index 1b7098593..e7a1ee1ca 100644 --- a/3.3/bookworm/Dockerfile +++ b/3.3/bookworm/Dockerfile @@ -62,15 +62,6 @@ RUN set -eux; \ \ cd /usr/src/ruby; \ \ -# hack in "ENABLE_PATH_CHECK" disabling to suppress: -# warning: Insecure world writable dir - { \ - echo '#define ENABLE_PATH_CHECK 0'; \ - echo; \ - cat file.c; \ - } > file.c.new; \ - mv file.c.new file.c; \ - \ autoconf; \ gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ ./configure \ diff --git a/3.3/bullseye/Dockerfile b/3.3/bullseye/Dockerfile index 330629dda..5beec3404 100644 --- a/3.3/bullseye/Dockerfile +++ b/3.3/bullseye/Dockerfile @@ -62,15 +62,6 @@ RUN set -eux; \ \ cd /usr/src/ruby; \ \ -# hack in "ENABLE_PATH_CHECK" disabling to suppress: -# warning: Insecure world writable dir - { \ - echo '#define ENABLE_PATH_CHECK 0'; \ - echo; \ - cat file.c; \ - } > file.c.new; \ - mv file.c.new file.c; \ - \ autoconf; \ gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ ./configure \ diff --git a/3.3/slim-bookworm/Dockerfile b/3.3/slim-bookworm/Dockerfile index 6730cf491..fd8cf878e 100644 --- a/3.3/slim-bookworm/Dockerfile +++ b/3.3/slim-bookworm/Dockerfile @@ -88,15 +88,6 @@ RUN set -eux; \ \ cd /usr/src/ruby; \ \ -# hack in "ENABLE_PATH_CHECK" disabling to suppress: -# warning: Insecure world writable dir - { \ - echo '#define ENABLE_PATH_CHECK 0'; \ - echo; \ - cat file.c; \ - } > file.c.new; \ - mv file.c.new file.c; \ - \ autoconf; \ gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ ./configure \ diff --git a/3.3/slim-bullseye/Dockerfile b/3.3/slim-bullseye/Dockerfile index d68cc7a2b..5693cc811 100644 --- a/3.3/slim-bullseye/Dockerfile +++ b/3.3/slim-bullseye/Dockerfile @@ -88,15 +88,6 @@ RUN set -eux; \ \ cd /usr/src/ruby; \ \ -# hack in "ENABLE_PATH_CHECK" disabling to suppress: -# warning: Insecure world writable dir - { \ - echo '#define ENABLE_PATH_CHECK 0'; \ - echo; \ - cat file.c; \ - } > file.c.new; \ - mv file.c.new file.c; \ - \ autoconf; \ gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ ./configure \ diff --git a/3.4-rc/alpine3.20/Dockerfile b/3.4-rc/alpine3.20/Dockerfile index 4d1ede484..51b78f0dc 100644 --- a/3.4-rc/alpine3.20/Dockerfile +++ b/3.4-rc/alpine3.20/Dockerfile @@ -101,15 +101,6 @@ RUN set -eux; \ patch -p1 -i thread-stack-fix.patch; \ rm thread-stack-fix.patch; \ \ -# hack in "ENABLE_PATH_CHECK" disabling to suppress: -# warning: Insecure world writable dir - { \ - echo '#define ENABLE_PATH_CHECK 0'; \ - echo; \ - cat file.c; \ - } > file.c.new; \ - mv file.c.new file.c; \ - \ autoconf; \ gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ ./configure \ diff --git a/3.4-rc/alpine3.21/Dockerfile b/3.4-rc/alpine3.21/Dockerfile index ae79b8a91..cc1cd0650 100644 --- a/3.4-rc/alpine3.21/Dockerfile +++ b/3.4-rc/alpine3.21/Dockerfile @@ -101,15 +101,6 @@ RUN set -eux; \ patch -p1 -i thread-stack-fix.patch; \ rm thread-stack-fix.patch; \ \ -# hack in "ENABLE_PATH_CHECK" disabling to suppress: -# warning: Insecure world writable dir - { \ - echo '#define ENABLE_PATH_CHECK 0'; \ - echo; \ - cat file.c; \ - } > file.c.new; \ - mv file.c.new file.c; \ - \ autoconf; \ gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ ./configure \ diff --git a/3.4-rc/bookworm/Dockerfile b/3.4-rc/bookworm/Dockerfile index fea2d9014..26dae0d42 100644 --- a/3.4-rc/bookworm/Dockerfile +++ b/3.4-rc/bookworm/Dockerfile @@ -62,15 +62,6 @@ RUN set -eux; \ \ cd /usr/src/ruby; \ \ -# hack in "ENABLE_PATH_CHECK" disabling to suppress: -# warning: Insecure world writable dir - { \ - echo '#define ENABLE_PATH_CHECK 0'; \ - echo; \ - cat file.c; \ - } > file.c.new; \ - mv file.c.new file.c; \ - \ autoconf; \ gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ ./configure \ diff --git a/3.4-rc/bullseye/Dockerfile b/3.4-rc/bullseye/Dockerfile index e7ea548db..f181d6102 100644 --- a/3.4-rc/bullseye/Dockerfile +++ b/3.4-rc/bullseye/Dockerfile @@ -62,15 +62,6 @@ RUN set -eux; \ \ cd /usr/src/ruby; \ \ -# hack in "ENABLE_PATH_CHECK" disabling to suppress: -# warning: Insecure world writable dir - { \ - echo '#define ENABLE_PATH_CHECK 0'; \ - echo; \ - cat file.c; \ - } > file.c.new; \ - mv file.c.new file.c; \ - \ autoconf; \ gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ ./configure \ diff --git a/3.4-rc/slim-bookworm/Dockerfile b/3.4-rc/slim-bookworm/Dockerfile index 10045e7f2..d07e497c2 100644 --- a/3.4-rc/slim-bookworm/Dockerfile +++ b/3.4-rc/slim-bookworm/Dockerfile @@ -88,15 +88,6 @@ RUN set -eux; \ \ cd /usr/src/ruby; \ \ -# hack in "ENABLE_PATH_CHECK" disabling to suppress: -# warning: Insecure world writable dir - { \ - echo '#define ENABLE_PATH_CHECK 0'; \ - echo; \ - cat file.c; \ - } > file.c.new; \ - mv file.c.new file.c; \ - \ autoconf; \ gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ ./configure \ diff --git a/3.4-rc/slim-bullseye/Dockerfile b/3.4-rc/slim-bullseye/Dockerfile index 0238894b4..6323f4858 100644 --- a/3.4-rc/slim-bullseye/Dockerfile +++ b/3.4-rc/slim-bullseye/Dockerfile @@ -88,15 +88,6 @@ RUN set -eux; \ \ cd /usr/src/ruby; \ \ -# hack in "ENABLE_PATH_CHECK" disabling to suppress: -# warning: Insecure world writable dir - { \ - echo '#define ENABLE_PATH_CHECK 0'; \ - echo; \ - cat file.c; \ - } > file.c.new; \ - mv file.c.new file.c; \ - \ autoconf; \ gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ ./configure \ diff --git a/Dockerfile.template b/Dockerfile.template index 3c17e9857..23543f6e9 100644 --- a/Dockerfile.template +++ b/Dockerfile.template @@ -213,15 +213,6 @@ RUN set -eux; \ rm thread-stack-fix.patch; \ \ {{ ) else "" end -}} -# hack in "ENABLE_PATH_CHECK" disabling to suppress: -# warning: Insecure world writable dir - { \ - echo '#define ENABLE_PATH_CHECK 0'; \ - echo; \ - cat file.c; \ - } > file.c.new; \ - mv file.c.new file.c; \ - \ autoconf; \ gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ ./configure \