Feature Request: disallow world-writable files in chmod (original) (raw)
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
| From: | Ben Lentz |
|---|---|
| Subject: | Feature Request: disallow world-writable files in chmod |
| Date: | Wed, 26 Jun 2013 21:09:37 -0400 |
I suspect I may get laughed off the list... but would you folks ever consider restricting the use of chmod such that world-writable files are reserved for 1) /tmp-style permissions (1777) or 2) reserved for root-only users? Despite training (berating?) users, it seems the default reaction to "oh no, I am having a permission problem" is an knee-jerk execution of "chmod -R 777 *" in order to make the 'problem' go away... however all it's really done is move the problem...
I realize this may break things - a lot of things - stuff I'm not considering - of course you could always wrap in a set of ifdef tags and make it non-default?
*** src/chmod.c Wed Jun 26 16:16:28 2013 --- src/chmod.c Wed Jun 26 17:57:17 2013
*** 244,249 **** --- 244,258 ---- new_mode = mode_adjust (old_mode, S_ISDIR (old_mode) != 0, umask_value, change, NULL);
if ((new_mode & S_IWOTH) && !(new_mode & S_ISVTX) && (getuid() != 0)){error (0, 0, _("world-writable permissions have been
restricted by your system administrator"));
ok = false;}}- if (ok)
{ if (! S_ISLNK (old_mode)) { if (chmodat (fts->fts_cwd_fd, file, new_mode) == 0)
- Feature Request: disallow world-writable files in chmod,Ben Lentz <=
- Re: Feature Request: disallow world-writable files in chmod, Pádraig Brady, 2013/06/27
- Re: Feature Request: disallow world-writable files in chmod, Joseph D. Wagner, 2013/06/27
* Re: Feature Request: disallow world-writable files in chmod, Ben Lentz, 2013/06/27
* Re: Feature Request: disallow world-writable files in chmod, Joseph D. Wagner, 2013/06/27 - Re: Feature Request: disallow world-writable files in chmod, Bob Proulx, 2013/06/27
- Prev by Date:[PATCH] mk{dir, fifo, nod}: with -Z, create SMACK security context
- Next by Date:Re: Feature Request: disallow world-writable files in chmod
- Previous by thread:[PATCH] mk{dir, fifo, nod}: with -Z, create SMACK security context
- Next by thread:Re: Feature Request: disallow world-writable files in chmod
- Index(es):