Permissive Permissions
Mike A. Gigante
mg at cidam.me.rmit.oz.AU
Sat May 13 21:30:48 AEST 1989
The default permissions stink. Not only is / 777 (allowing *anyone)
to create or remove any file in the / directory -- bad news) but executables
are shipped 777 also. This is even trueof setuid programs like /bin/su
which creates such a blatant security hole that any user can crack root
within 2 seconds ofgetting their csh/sh prompt.
When the machine arrives, I run commands like the following:
find / -type f -print | xargs file | grep mipseb | cut -f1 -d: | xargs chmod og-rw
and similar variations for shell scripts(og -w) and directories (og-w). Of course
with directories, there are a couple of execptions (like /tmp /usr/tmp etc)
Mike
More information about the Comp.sys.sgi
mailing list