[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: YAP (Yet Another Proposal)

iwj10@cus.cam.ac.uk (Ian Jackson) writes:

> Remy Card proposes (unless I'm mistaken) that under a umask of 002
> people should protect their files from abuses by those who happen to
> be members of the group which owns their home directory by changing
> the mode of their home directory to 700 !

> I'm rather shocked to find Remy Card coming up with something which
> is IMO so ill-considered.

Well, it wasn't THAT bad.  I've made more than one "ill-considered"
proposal in my time.  :-)

> [ more arguments against ]


> Also, of course, applications like `finger' require the user's home
> directory to be at least ?11 so that the .plan and .project are
> visible.  This makes the whole thing very difficult to maintain
> securely.

Well, `finger' shouldn't really require a user's home directory to be
?11.  (And there are decent (albeit somewhat complicated) ways to get
around this.)  The reasoning is that a user should be able to set his
directory to be ?00 and still have their .plan and .project readable
via `finger' and only `finger'.


Daniel Quinlan  <quinlan@spectrum.cs.bucknell.edu>

Reply to: