Path: utzoo!utgpu!watmath!uunet!tut.cis.ohio-state.edu!allosaur.cis.ohio-state.edu!bob
From: bob@allosaur.cis.ohio-state.edu (Bob Sutterfield)
Newsgroups: gnu.emacs.bug
Subject: Re: chmod 777
Message-ID: <27843@tut.cis.ohio-state.edu>
Date: 17 Nov 88 20:06:41 GMT
References: <8811142028.AA00709@sugar-bombs.ai.mit.edu> <447@arisia.Xerox.COM>
Sender: news@tut.cis.ohio-state.edu
Distribution: gnu
Organization: The Ohio State University Dept of Computer & Information Science
Lines: 30

In article <447@arisia.Xerox.COM> jlevy@arisia.UUCP (Jacob Levy) writes:
>Shouldn't it be possible to use Gnu Emacs (i.e. contribute towards
>your (a) goal) without subscribing to your (b) goal ["eliminating
>security and protection" - jlevy]?

Sure, it's possible.  Just modify the top-level Makefile to install
things mode 755.  You aren't required to install it on your system the
way RMS installs it on his.  I don't.

>Also, shouldn't you warn people about POSSIBLE security holes like
>the one mentioned,

I don't have time to read all the source that I install, but I
certainly look over (at least) the install: targets in all the
Makefiles.  I don't think you could install Emacs on your own system,
with your own local directory arrangement, without customizing (e.g.)
LIBDIR and others.  While you're in the file, look over the install:
target as well.  You'll see the mode-777 and can easily change it.

If a site wants to run free software and doesn't feel that they have
sufficient technical resources to install and support it, they can
always hire a consultant to do it for them.

>and others which (for all we know, we have not the time to read the
>code) are intentionally planted?

As with any free software you run on your system, you must trust the
character and reputation of the author, and a netful of other experts
to point out when the author has erred.  When you pay for software,
you trust a bunch of lawyers to protect you.  Which would you prefer?