TCLUG Archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Thanks for installfest & Pine file permisions:

A quick thank you for another great installfest. I've attended the last
two and each time the hands on atmosphere has been a great learning
experience. It's also very enjoyable to get away from my pizza box
infested computer desk and meet some other users.

I recently reinstalled pine-4.04-2.src.rpm. After creating a .pinerc
within a user account, I get "Mailbox vulnerable - must have 1777
protection". To begin with, I am confused about the four numbers. I
thought there was only three possible permissions; one for user, group
and other. What is the fourth number in this scenario?

As I understand, a chmod 777 would give user, group and other read,
write and execute permissions. When I tested the 1777 permission on an
arbitrary file it produced the following results:

Prior to  chmod 1777,  -rw-rw-r--   1 rtp      rtp           759 Mar  9
13:56 1777

After chmod 1777,  -rwxrwxrwt   1 rtp      rtp           759 Mar  9
13:56 1777

I can't see chmod 1777 resulting in anything but a security compromise.

These are my current permissions:

drwx------   2 rtp      rtp          1024 Jan 13 11:00 nsmail/

[rtp@mi-recordz nsmail]$ ls -l
total 9888
-rw-------   1 rtp      rtp             0 Jan 13 06:17 Drafts
-rw-------   1 rtp      rtp       6458735 Mar  9 13:30 Inbox
-rw-------   1 rtp      rtp        325847 Mar  9 05:48 Sent
-rw-------   1 rtp      rtp       3294419 Mar  7 19:16 Trash
-rw-------   1 rtp      rtp             0 Jan 13 06:17 Unsent Messages

-rw-------   1 rtp      rtp          4096 Mar  9 13:44 .pine-debug1
-rw-------   1 rtp      rtp          7049 Mar  9 13:44 .pine-debug2
-rw-------   1 rtp      rtp          7969 Mar  9 13:40 .pine-debug3
-rw-------   1 rtp      rtp          7175 Mar  7 19:18 .pine-debug4
-rw-r--r--   1 rtp      rtp         11427 Mar  3 20:54 .pinerc

The only compromise I see here is with .pinerc. In my scenario, I can't
think of a reason for group or other to read my .pinerc. Maybe I am
wrong. Any suggestion or insights on this scenario are appreciated.

ron parker