Permissions on "fp/lib/config" [was: Re: Security Issues with
filePro]
Jay R. Ashworth
jra at baylink.com
Wed May 26 10:31:28 PDT 2004
On Fri, Nov 28, 2003 at 01:27:18AM -0500, Kenneth Brody wrote:
> Quoting Bob Stockler <bob at trebor.iglou.com>:
> [...]
> > My /fp/lib/config file is owned by the user "filepro" and
> > has rw permissions for the owner only, and it seems to be
> > working OK (apparently for a long time now).
> >
> > I don't know when or how it got set that way.
> >
> > I also don't know why it should be set any other way. Its
> > contents are of interest only to filePro programs, so I
> > don't see why filePro would not function properly if its
> > permissions were any different from what I have.
> [...]
>
> It needs to be world-readable, or else runmenu can't read it. (Which
> may not be a requirement in your particular setting. But, imagine a
> setup with PFMENU in the config file, for example.)
I note that runmenu is *not* SUID, which surprised me. What breaks if
you set it that way?
Cheers,
-- jra
--
Jay R. Ashworth jra at baylink.com
Member of the Technical Staff Baylink RFC 2100
The Suncoast Freenet The Things I Think
Tampa Bay, Florida http://baylink.pitas.com +1 727 647 1274
Come see Linux Gazette in our new home: www.linuxgazette.net!
More information about the Filepro-list
mailing list