Re: RC Security Flaw - mkdir & script create as 755, 644. SB &700, yes?

To: tluxt2@yahoo.com
Cc: debian-devel@lists.debian.org
Subject: Re: RC Security Flaw - mkdir & script create as 755, 644. SB &700, yes?
From: Andrew Beresford <beezly@beezly.org.uk>
Date: 25 Feb 2002 22:28:47 +0000
Message-id: <[🔎] 1014676127.23983.27.camel@monkey>
In-reply-to: <[🔎] 20020225222226.57210.qmail@web21302.mail.yahoo.com>
References: <[🔎] 20020225222226.57210.qmail@web21302.mail.yahoo.com>

Hi,

On Mon, 2002-02-25 at 22:22, tluxt2@yahoo.com wrote:
> I think that is a bad default.  It provides a way that non root users have
> access to some root information - by default.  Perhaps that information should
> not be available to non root users.
> 
> So, by default, non root users shouldn't be given access to such things.  So,
> by default, those bits should be off.

umask can do this. Any sysadmin running a multiuser system who doesn't
know how to use umask has far worse problems than leaving files open to
read.

755 seems like a fairly reasonable default to me. (is that what's it's
set to? I haven't checked!)

Andrew

Attachment: signature.asc
Description: This is a digitally signed message part

Reply to:

Follow-Ups:
- Re: RC Security Flaw - mkdir & script create as 755, 644. SB &700, yes?
  - From: Joseph Carter <knghtbrd@bluecherry.net>
- Re: RC Security Flaw - mkdir & script create as 755, 644. SB &700, yes?
  - From: <tluxt2@yahoo.com>

References:
- Re: RC Security Flaw - mkdir & script create as 755, 644. SB &700, yes?
  - From: <tluxt2@yahoo.com>

Prev by Date: Re: RC Security Flaw - mkdir & script create as 755, 644. SB &700, yes?
Next by Date: [광고]무료회원으로 가입 하시면 멤버쉽골드카드를 드립니다.
Previous by thread: Re: RC Security Flaw - mkdir & script create as 755, 644. SB &700, yes?
Next by thread: Re: RC Security Flaw - mkdir & script create as 755, 644. SB &700, yes?
Index(es):
- Date
- Thread