Re: permissions

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Pat Myrto: "Re: FIRST Workshop Info"
• Previous message: Adam Shostack: "Re: your mail"
• In reply to: Perry E. Metzger: "permissions"
• Next in thread: Evil Pete: "Re: permissions"

"In the previous message, Perry E. Metzger said..."
> 
> 
> Steve Simmons says:
> > Ob. Bug:
> > 
> > The System V vendor(s) who shipped both / and /etc with mode 777.
> 
> To this day, SunOS ships with horrible permissions on directories.
> Directories that because of NFS vulnerabilities should be owned by
> root ship owned by bin; /usr/games ships with loads of suid and sgid
> programs that are potential security holes, etc. Part of the
> system install proceedure at my last job was a large chmod/chown
> script we ran on every machine...

There is a patch, that is nothing more than a script that improves
the perms that is available, at least for SunOS 4.1.x.  As you point out
it changes /etc/ from bin to root, and the same with a lot of other
subdirs.  How complete it is, I don't know but it is far better than
the original.

And yes, I remember the UNIX PC that shipped with mod 777 on / ...
And I am sure there are others.  I routinely check the /, etc, /bin,
/usr, /usr/bin, and /usr/local subdirs for permissions as one of the
first things I do when a new install first comes up.

-- 
pat@rwing  [If all fails, try:  rwing!pat@ole.cdac.com]  Pat Myrto - Seattle WA
"No one has the right to destroy another person's belief by demanding
empirical evidence."  --   Ann Landers, nationally syndicated advice columnist
and Director at Handgun Control Inc.

• Next message: Pat Myrto: "Re: FIRST Workshop Info"
• Previous message: Adam Shostack: "Re: your mail"
• In reply to: Perry E. Metzger: "permissions"
• Next in thread: Evil Pete: "Re: permissions"