16

I am getting the following warning while installing any plugin in my rails application.

/usr/local/lib/ruby/gems/1.9.1/gems/activesupport-2.3.5/lib/active_support/core_ext/kernel/agnostics.rb:7: warning: Insecure world writable dir /usr/local/bin in PATH, mode 040777

Can someone please tell me how to solve this problem? Thanks

felix
  • 11,304
  • 13
  • 69
  • 95
  • i got this same warning when using rvm. microspino solved the problem for me – Anand Jan 03 '11 at 05:22
  • I had the same problem just after installing the software for a T-Mobile broadband USB dongle and was wondering whether it was responsible for doing it. Are you by any chance also using a dongle? – Peter Nixey Jun 22 '11 at 12:07
  • Possible duplicate: http://stackoverflow.com/questions/3952243/warning-insecure-world-writable-dir and http://stackoverflow.com/questions/2796421/warning-insecure-world-writable-dir-when-i-run-a-ruby-or-gem-command – Jatin Ganhotra Sep 27 '12 at 09:30

2 Answers2

34

Ruby (on all Unixes, including Cygwin) warns if you try to run an external program and your $PATH contains a world-writable directory. It doesn't just check the directories on $PATH: it checks each of their parents, too, because if /usr/local (say) is world-writeable, /usr/local/bin is subverted as easily as if it were writeable itself.

A work-around could be to remove "other" write permission from the relevant directories.

For instance:

  • chmod o-w /usr/local/bin
  • chmod o-w /usr/local
  • chmod o-w /cygdrive/c
microspino
  • 7,693
  • 3
  • 48
  • 49
1

This is due to the fact that /usr/local/bin is writable by your application when maybe it shouldn't. You can fix this by changing the permissions on this directory.

marcgg
  • 65,020
  • 52
  • 178
  • 231