Path: utzoo!attcan!utgpu!jarvis.csri.toronto.edu!mailrus!tut.cis.ohio-state.edu!ucbvax!LERC08.NAS.NASA.GOV!fsfacca From: fsfacca@LERC08.NAS.NASA.GOV (Tony Facca) Newsgroups: comp.sys.sgi Subject: Re: Permissive Permissions Message-ID: <8905111510.AA01264@lerc08.nas.nasa.gov> Date: 11 May 89 15:10:03 GMT Sender: daemon@ucbvax.BERKELEY.EDU Organization: The Internet Lines: 68 Just a "recap" on the situation.. Original posting: >>On three different Irises in three different groups (checked within the last >>few minutes), / was world-writable (apparently shipped as such). Not funny. I said: >I have seen this on the 3000's as well. I believe they were shipped that way >and (I'm not positive but..) I think each time the OS was revised I had to >reset the permission on / after installation. Margaret Miluska said: >>Yes, we have 3130's and all of them had always extremely "permissive >>permissions" (777) on all important directories, no matter which >>version of op sys they ran. All machines brand new. I can't understand >>what makes SGI ship the machines that way. (Anybody at SGI cares to >>comment ?...) Another poster asks: >>> I fail to see what the problem is? / has world-writable, so what?! >>> I would be concerned if it didn't. To which just about everyone said: >>It is a security problem -- Tom Mitchell (of SGI) adds: >>True. It is wrong. Also simple to fix. [editorial comment: Sure its simple, if you notice it before anyone can do damage. Bye the way, how many people checked / on their systems after this posting just to be sure? I know I did.] >>Will the original poster email me the Serial Numbers of >>the machines so I can follow up on this. I am mitch@sgi.com Dave Olson (also of SGI): >>It turns out that when we made the master drives from which >>the shipped drives are copied, no one noticed that ^^^^^^^^^^^^^^^ >>/ was permission 777. mkfs created the root of the new [editorial comment: Wink, Nudge, Nudge, say no more..] >>all future releases will no longer have this problem (note that Well, that was a lot of fun, thank you SGI for jumping in. This problem has been bothering me for a couple of years now, but I never bothered to complain about it. One last question, the original poster mentioned that he's seen the problem on the 4D's. We have several 20's and some 70's and I haven't seen it on these machines. Which "master drives" are you talking about? Is it more prone to be 3000's than 4D's? (I guess that's two questions). -- ----------------------------------------------------------------------------- Tony Facca | phone: 216-433-8318 NASA Lewis Research Center | Cleveland, Ohio 44135 | email: fsfacca@lerc08.nas.nasa.gov -----------------------------------------------------------------------------