File permissions and security (was: Hylafax & filePro vs. Vsifax)

[Barry Wiseman]

----- Original Message ----- 
From: "Fairlight" <fairlite at fairlite.com>
To: "filepro-list" <filepro-list at seaslug.org>
Sent: Thursday, May 20, 2004 11:41 AM
Subject: Re: Hylafax & filePro vs. Vsifax


> >From inside the gravity well of a singularity, Barry Wiseman shouted:
> > ----- Original Message ----- 
> > From: "Tom Aldridge" <tla at aldridgeinc.com>
> > > ::system noredraw "touch /appl/fpmerge/fpvsi"{di:
> > > ::system noredraw "chmod 777 /appl/fpmerge/fpvsi"{di:
> >
> > BTW, lines 2-4 of your code can be accomplished with much less typing
like
> > this:
> >
> >     ::printer "umask 0; cat >/appl/fpmerge/fpvsi"{di:
>
> Why point out a shorter way to shoot yourself in the foot?  If someone is
> inexperienced enough to insist upon 0777 on a file, the least they should
> have to do is work -very hard- to make the conscious effort to circumvent
> the natural security that *nix permissions provide when used properly.

Not to goad the dragon out of his lair, Mark, but on the systems I've used,
umask 0 results in 0666, not 0777 -- still global read/write permission,
granted.  I know how commendably security minded you are, but balking at
global permission to a temp file that's about to be deleted in a few
milliseconds anyway, seems a bit much! :-)

Would a "umask 033" satisfy you, assuming the data is not confidential?
Many users who are not ready to embark on group administration could benefit
from a "safer" method of handing off files from filepro to other apps.