TCLUG Archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Thanks for installfest & Pine file permisions:
A quick thank you for another great installfest. I've attended the last
two and each time the hands on atmosphere has been a great learning
experience. It's also very enjoyable to get away from my pizza box
infested computer desk and meet some other users.
I recently reinstalled pine-4.04-2.src.rpm. After creating a .pinerc
within a user account, I get "Mailbox vulnerable - must have 1777
protection". To begin with, I am confused about the four numbers. I
thought there was only three possible permissions; one for user, group
and other. What is the fourth number in this scenario?
As I understand, a chmod 777 would give user, group and other read,
write and execute permissions. When I tested the 1777 permission on an
arbitrary file it produced the following results:
Prior to chmod 1777, -rw-rw-r-- 1 rtp rtp 759 Mar 9
13:56 1777
After chmod 1777, -rwxrwxrwt 1 rtp rtp 759 Mar 9
13:56 1777
I can't see chmod 1777 resulting in anything but a security compromise.
These are my current permissions:
drwx------ 2 rtp rtp 1024 Jan 13 11:00 nsmail/
[rtp@mi-recordz nsmail]$ ls -l
total 9888
-rw------- 1 rtp rtp 0 Jan 13 06:17 Drafts
-rw------- 1 rtp rtp 6458735 Mar 9 13:30 Inbox
-rw------- 1 rtp rtp 325847 Mar 9 05:48 Sent
-rw------- 1 rtp rtp 3294419 Mar 7 19:16 Trash
-rw------- 1 rtp rtp 0 Jan 13 06:17 Unsent Messages
-rw------- 1 rtp rtp 4096 Mar 9 13:44 .pine-debug1
-rw------- 1 rtp rtp 7049 Mar 9 13:44 .pine-debug2
-rw------- 1 rtp rtp 7969 Mar 9 13:40 .pine-debug3
-rw------- 1 rtp rtp 7175 Mar 7 19:18 .pine-debug4
-rw-r--r-- 1 rtp rtp 11427 Mar 3 20:54 .pinerc
The only compromise I see here is with .pinerc. In my scenario, I can't
think of a reason for group or other to read my .pinerc. Maybe I am
wrong. Any suggestion or insights on this scenario are appreciated.
ron parker