[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: flashplayer9? (Mystery solved)

Hash: SHA1

On 12/16/06 21:17, Marc Shapiro wrote:
> David Jardine wrote:
>> On Sat, Dec 16, 2006 at 12:27:48PM -0800, Marc Shapiro wrote:
>>> Yes, but there are actually quite a few hidden configuration
>>> directories that are set with permissions of 700.  I can see that
>>> this prevents anyone else from viewing your configs, but I don't see
>>> a danger in that (viewing, but not changing).  I could just change
>>> all of them from 700 to 755.  Then updatedb would find them all and
>>> locate will actually get everything, until the next time that some
>>> program creates its config directory with a 700 permission.
>> You might find that some programs (fetchmail is an example I can think
>> of) refuse to run if permissions on the config files are not strict
>> enough.
> This is why I would prefer to simply change updatedb.conf so that
> updatedb runs as 'root' instead of as 'nobody'.  If no one can give me a
> good reason not to, then that is what I will do.

Security rule #2 : Don't run as root unless you *really* need to,
like touch the h/w.  Otherwise, use groups.

Instead of having slocate run as root, find out why ~/.mozilla/ is
set to 700.  BTW, mine is set to 700 also.  Probably because of

- --
Ron Johnson, Jr.
Jefferson LA  USA

Is "common sense" really valid?
For example, it is "common sense" to white-power racists that
whites are superior to blacks, and that those with brown skins
are mud people.
However, that "common sense" is obviously wrong.
Version: GnuPG v1.4.6 (GNU/Linux)


Reply to: