我试过这个,但它没有工作,似乎是为OSX。 我有一个新鲜的Ubuntu 10.10(x64)与rvm,rails 3和ruby 1.9.2安装。 我有一个新的导轨应用程序,但使用gem或导轨导致以下警告(滞后)。
$ rails -v
/home/chance/.rvm/gems/ruby-1.9.2-p180@global/gems/railties-3.0.5/lib/rails/script_rails_loader.rb:11: warning: Insecure world writable dir /home/chance in PATH, mode 040777 /home/chance/.rvm/gems/ruby-1.9.2-p180@global/gems/bundler-1.0.10/lib/bundler/runtime.rb:136: warning: Insecure world writable dir /home/chance in PATH, mode 040777 Rails 3.0.5 $ gem -v
/home/chance/.rvm/rubies/ruby-1.9.2-p180/bin/gem:4: warning: Insecure world writable dir /home/chance in PATH, mode 040777 1.6.2
只要事情重要,这里是我的Gemfile:
source 'http://rubygems.org' gem 'rails' # Bundle edge Rails instead: # gem 'rails', :git => 'git://github.com/rails/rails.git' gem 'sqlite3' gem 'sqlite3-ruby', :require => 'sqlite3' gem "haml" gem "formtastic" gem "will_paginate" gem "devise" gem "delayed_job" gem "whenever" gem "memcache-client" gem "capistrano" group :testing do gem "rspec" gem "rspec-rails" gem "autotest-standalone" gem "autotest-rails" gem "autotest-growl" gem "mocha" gem "shoulda" gem "factory_girl_rails" end group :development do gem "cheat" gem "bullet" gem "ruby-growl" end
该消息表明目录/home/chance可以被所有人写入,这是一个潜在的安全漏洞。 这可能允许恶意用户将文件放入该目录,然后该目录的所有者可能意外地使用。
要修复,请从/home/chance删除世界可写的位:
$ chmod ow /home/chance
如果你不是/home/chance的所有者,你将需要通过sudo以root身份执行此操作:
$ sudo chmod ow /home/chance