File permissions and security (was: Hylafax & filePro vs. Vsifax)
Barry Wiseman
bwiseman at optonline.net
Thu May 20 11:41:18 PDT 2004
----- Original Message -----
From: "Fairlight" <fairlite at fairlite.com>
To: "filepro-list" <filepro-list at seaslug.org>
Sent: Thursday, May 20, 2004 11:41 AM
Subject: Re: Hylafax & filePro vs. Vsifax
> >From inside the gravity well of a singularity, Barry Wiseman shouted:
> > ----- Original Message -----
> > From: "Tom Aldridge" <tla at aldridgeinc.com>
> > > ::system noredraw "touch /appl/fpmerge/fpvsi"{di:
> > > ::system noredraw "chmod 777 /appl/fpmerge/fpvsi"{di:
> >
> > BTW, lines 2-4 of your code can be accomplished with much less typing
like
> > this:
> >
> > ::printer "umask 0; cat >/appl/fpmerge/fpvsi"{di:
>
> Why point out a shorter way to shoot yourself in the foot? If someone is
> inexperienced enough to insist upon 0777 on a file, the least they should
> have to do is work -very hard- to make the conscious effort to circumvent
> the natural security that *nix permissions provide when used properly.
Not to goad the dragon out of his lair, Mark, but on the systems I've used,
umask 0 results in 0666, not 0777 -- still global read/write permission,
granted. I know how commendably security minded you are, but balking at
global permission to a temp file that's about to be deleted in a few
milliseconds anyway, seems a bit much! :-)
Would a "umask 033" satisfy you, assuming the data is not confidential?
Many users who are not ready to embark on group administration could benefit
from a "safer" method of handing off files from filepro to other apps.
More information about the Filepro-list
mailing list