Re: Disturbing news..

Olivier Galibert (galibert@pobox.com)
Wed, 28 Mar 2001 10:04:40 -0500

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Chris Mason: "Re: OOPS: reiserfs, 2.4.2-ac26 SMP"
Previous message: Krzysztof Halasa: "RFC: configuring net interfaces"

On Wed, Mar 28, 2001 at 03:04:46PM +0100, Simon Williams wrote:
> I think their point was that a program could only change permissions
> of a file that was owned by the same owner. If a file is owned by a
> different user & has no write permissions for any user, the program
> can't modify the file or it's permissions.

You mean, you usually have write permissions for other than the owner
on executable files?

Let me reformulate that. You usually have write permissions for other
than the owner, and not only on some special, untrusted log files (I'm
talking files, here, not device nodes)? What's your umask, 0?

> Sounds like a good plan to me.

PEBCAK. Unix security is not designed with dumb "administrators" in
mind, nor should be. User friendly is good. Luser friendly isn't,
it's either dumbing down or unnecessarily restrictive.

OG, who waits for the first insmod-ing "virus"
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Chris Mason: "Re: OOPS: reiserfs, 2.4.2-ac26 SMP"
Previous message: Krzysztof Halasa: "RFC: configuring net interfaces"