Re: [PROPOSAL] (Ch.16 FHS) be more specific on file/dir permissions
> I. Write Permissions
> 1. Directories
> o The application must not depend on having directory write
> permission outside /tmp, /var/tmp and his home directory.
(language pedantry, not intended as a criticism)
> o The application must not depend on owning these directories.
> o The system may restrict directory write permissions for these
> directories by setting the "sticky bit" for them.
Including home ?
> ( To prevent the application to remove "foreign" files,
> e.g. a empty .rhosts file owned by root.)
> o The system must grant the permissions needed to use them
> to all libraries, executables and data files mentioned in the
> LSB document, and included standards.
Stop a moment. Grant to whom ? Do I grant perl the ability to the shadow
password file for example ;)
> o log in as user root
'root' isnt always the name used. There may be multiple priviledge levels -
how about 'log in as a privileged user'
(3 .sigs deleted - maintenance suggested 8))