Re: YAP (Yet Another Proposal)

To: debian-devel@pixar.com
Subject: Re: YAP (Yet Another Proposal)
From: quinlan@spectrum.cs.bucknell.edu (Daniel Quinlan)
Date: Tue, 29 Mar 94 13:56 PST
Message-id: <[🔎] 9403292150.AA22634@spectrum.cs.bucknell.edu>
Reply-to: quinlan@spectrum.cs.bucknell.edu

iwj10@cus.cam.ac.uk (Ian Jackson) writes:

> Remy Card proposes (unless I'm mistaken) that under a umask of 002
> people should protect their files from abuses by those who happen to
> be members of the group which owns their home directory by changing
> the mode of their home directory to 700 !

> I'm rather shocked to find Remy Card coming up with something which
> is IMO so ill-considered.

Well, it wasn't THAT bad.  I've made more than one "ill-considered"
proposal in my time.  :-)

> [ more arguments against ]

Yep.

> Also, of course, applications like `finger' require the user's home
> directory to be at least ?11 so that the .plan and .project are
> visible.  This makes the whole thing very difficult to maintain
> securely.

Well, `finger' shouldn't really require a user's home directory to be
?11.  (And there are decent (albeit somewhat complicated) ways to get
around this.)  The reasoning is that a user should be able to set his
directory to be ?00 and still have their .plan and .project readable
via `finger' and only `finger'.

Dan

--
Daniel Quinlan  <quinlan@spectrum.cs.bucknell.edu>

Reply to:

Prev by Date: YAP (Yet Another Proposal)
Next by Date: Debian bootdisk issues
Previous by thread: YAP (Yet Another Proposal)
Next by thread: Debian bootdisk issues
Index(es):
- Date
- Thread