Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!usc!sdd.hp.com!think.com!paperboy!meissner From: meissner@osf.org (Michael Meissner) Newsgroups: comp.unix.shell Subject: Re: Wanted: thoughts about history mechanisms. Message-ID: Date: 7 May 91 21:47:38 GMT References: <5003@lib.tmc.edu> <1991Apr25.212431.1109@am.sublink.org> <1991Apr28.042814.26268@gpu.utcs.utoronto.ca> <1991May05.003216.300@am.sublink.org> Sender: news@OSF.ORG Organization: Open Software Foundation Lines: 21 In-reply-to: alex@am.sublink.org's message of 5 May 91 00:32:16 GMT In article <1991May05.003216.300@am.sublink.org> alex@am.sublink.org (Alex Martelli) writes: | 'easily'? ALL dot files in your home directory can be thought of as | "security holes" in this way - if you leave them writable (in general, | if you leave your home directory writable!), you're already asking | for big trouble, and, no, I don't think such mode-600ness is enforced | today for .profile, .exrc, .cshrc, .login, .rhosts, whatever $ENV | points at in ksh, and so on! Of the files listed, only .rhosts should (and in fact must) be protected by 0600. I see no point in making the rest world unreadable. It helps newbies if I can point them to existing dot files for examples of how to customize things (though of course my personel dot files have been overcustomized over the years, and tend to overwhelm). -- Michael Meissner email: meissner@osf.org phone: 617-621-8861 Open Software Foundation, 11 Cambridge Center, Cambridge, MA, 02142 Considering the flames and intolerance, shouldn't USENET be spelled ABUSENET?