Path: utzoo!utgpu!news-server.csri.toronto.edu!bonnie.concordia.ca!thunder.mcrcim.mcgill.edu!snorkelwacker.mit.edu!ira.uka.de!rusmv1!theorie!julia!regn
From: regn@informatik.uni-ulm.de (Robert Regn)
Newsgroups: comp.sys.next
Subject: Re: Security of NeXT systems (man pages in cat)
Message-ID: <regn.671389727@julia>
Date: 11 Apr 91 17:08:47 GMT
References: <1991Feb28.143720.7839@engage.enet.dec.com> <1376@toaster.SFSU.EDU> <1991Mar1.014356.16867@mp.cs.niu.edu> <1380@toaster.SFSU.EDU> <1991Mar11.163150.7457@investor.pgh.pa.us>
Organization: University of Ulm, Germany
Lines: 19

In <1991Mar11.163150.7457@investor.pgh.pa.us> rbp@investor.pgh.pa.us (Bob Peirce #305) writes:

>>>             It is definitely a waste because on most systems the
>>>vast majority of man pages are *never* examined by any user.  Those
>>>pages that *are* examined get nroff'ed once when first needed and
>>>are available for quick access from then on.

>You can use cron to rm any that have not been accessed in some period of
>time on the assumption that the query was a one-shot deal.

Good idea, because of another problem:
if a user with umask 077 reads a never before read  man page,
then the catman - page isn't readable by other users.

And: The possibility of CHANGING the manual pages ( catman) is always
a security hole!