Path: utzoo!attcan!uunet!lll-winken!indri!unmvax!tut.cis.ohio-state.edu!ucbvax!cidam.me.rmit.oz.AU!mg
From: mg@cidam.me.rmit.oz.AU ("Mike A. Gigante")
Newsgroups: comp.sys.sgi
Subject: Re: Permissive Permissions
Message-ID: <8905130241.AA17013@uunet.UU.NET>
Date: 13 May 89 11:30:48 GMT
References: <4329@cidam.rmit.oz>
Sender: daemon@ucbvax.BERKELEY.EDU
Organization: The Internet
Lines: 14

The default permissions stink. Not only is / 777 (allowing *anyone)
to create or remove any file in the / directory -- bad news) but executables
are shipped 777 also. This is even trueof setuid programs like /bin/su
which creates such a blatant security hole that any user can crack root
within 2 seconds ofgetting their csh/sh prompt.

When the machine arrives, I run commands like the following:

find / -type f -print | xargs file | grep mipseb | cut -f1 -d: | xargs chmod og-rw

and similar variations for shell scripts(og -w) and directories (og-w). Of course
with directories, there are a couple of execptions (like /tmp /usr/tmp etc)

Mike