Path: utzoo!utgpu!watmath!uunet!tut.cis.ohio-state.edu!rutgers!apple!vsi1!wyse!td2cad!mipos3!intelca!oliveb!Ozona!chase
From: chase@Ozona.orc.olivetti.com (David Chase)
Newsgroups: gnu.emacs.bug
Subject: Re: chmod 777
Message-ID: <32762@oliveb.olivetti.com>
Date: 17 Nov 88 21:58:09 GMT
References: <8811142028.AA00709@sugar-bombs.ai.mit.edu>
Sender: news@oliveb.olivetti.com
Reply-To: chase@Ozona.UUCP (David Chase)
Distribution: gnu
Organization: Olivetti Research Center, Menlo Park, CA
Lines: 32

In article <8811142028.AA00709@sugar-bombs.ai.mit.edu> rms@WHEATIES.AI.MIT.EDU (Richard Stallman) writes:
>I do not believe it is a good thing to have security among the users
>of a computer system.  If I were to distribute files that set the mode
>to something other than 777, I would in effect be promoting the practice
>that I do not approve of.  Therefore, I don't do it.

Even so, I think this should get a loud mention in the installation
notes; you can choose not do or promote things which you do not
approve of, but other people (even system administrators) have the
right to run their machines the way that they want to.  System
security is important enough to many people that you should at least
point this out.  To do otherwise would be sneaky.  These people may
choose not to run your software because of your decisions, but that is
their choice and they have the right to the information they need to
make that decision.  (One might ask, "what else should we know about
GNU emacs that we haven't been told yet?")

Another problem is that not everyone works in a computerized utopia in
which there are no malicious users, no careless users, and no
accidents.  I understand that some people feel that malicious users
are "produced" by heavy-handed system security, but I just don't
believe it.  Some of them, maybe; all, not a chance.  If, for example,
Robert Morris (Jr.) merely wanted to show that he could break in and
could crack security, he could have done the research and published it
somewhere (a letter to RISKS digest would have been entirely
appropriate).  I've also run across students whose idea of a good hack
involved messing with other students' files, not breaking into the
system.  Since I can't identify these people until the damage is
already done (and maybe not even then), I think a little system
security is not a bad idea.

David