[Fwd: [luau] Unwanted Perrmissions Changes - Drake 8.2]
MonMotha
monmotha at indy.rr.com
Wed May 22 17:05:00 PDT 2002
Both related and unrelated, UMASK only applies at creation time, not
later on. So if I were to create a file and my UMASK was 022, I would
get 755 permissions, or rwxr-xr-x. If my UMASK is 002, I get rwxrwxr-x,
which may be appropriate when each user has their own group (so you may
have it backwards?).
In any circumstance, umask only applies at file creation, not later. So
this means that there must be some sort of daemon or cron script adding
permissions. It's possible that this was accidentally enabled by the
user, but it is disturbing nonetheless.
--MonMotha
W. Wayne Liauh wrote:
>
>
> -------- Original Message --------
> Subject: [luau] Unwanted Perrmissions Changes - Drake 8.2
> Date: Wed, 22 May 2002 16:30:43 -1000
> From: "W. Wayne Liauh" <LiauhW001 at Hawaii.rr.com>
> To: "W. Wayne Liauh" <LiauhW001 at hawaii.rr.com>
>
>
>
> I was forwarded some of the discussions on this subject. I don't want
> anyone to get the impression that all of us in Hawaii believe that
> Mandrake will, sua sponte, "add" permissions to certain files. It will
> never do that. (To think any Linux distro, especially a major distro
> like Mandrake, will do that, is an insult to our collective intelligence.)
>
> All "msec" does, as far as permissions are concerned, is to take away
> the "write" permission for non-owners. When Mandrake creates a new user
> account, it also creates a corresponding new group, thus, the default
> umask=022 is applied. OTOH, if my memory serves me correctly, Red Hat
> lumps all users into the same group (unless you change it). Thus Red
> Hat uses the default umask=002. There is nothing sexy about msec.
>
> Konqueror, however, can create some problems (because it is always too
> new and relatively untested), especially if you run it in the root mode.
> I have noticed that Konqueror sometimes can "corrupt" a file. For
> example, if you use Konqueror in the root mode to copy or move a file,
> the ownership will change to root (this is expected, and Konqueror does
> not seem to have an option to retain the ownership, etc., as MC does).
> Then you use the "property" dialog to change its ownership to whoever
> you want it to belong to. I have noticed that the permission of such a
> file can change to something that I could not recognize. Apparently,
> Konqueror may have corrupted at least the attribute portion of that
> file. Exactly as to how this might have happened, I have no idea.
>
> Permission is one of the most important part of Linux/Unix. Even
> Microsoft recognizes that. Unless someone wants to stick to Win98,
> which has no security whatsoever, there is no escape from the permission
> issue (unless you run everything as root, as most Windows only know how
> to do). Personally, I believe the permission feature implemented in
> Win2K and beyond is no comparison to Linux. (Many in this forum
> probably still have memories of VMS vs. Unix; I believe the superior
> permission design of Unix vis-a-vis anything else, is one of the reasons
> resulting in VMS being almost completely wiped out from earth--and
> morphed into WinNT/2K/XP.)
>
>
>
> http://videl.ics.hawaii.edu/pipermail/luau/2002-May/008011.html
>
>
>
> ------------------------------------------------------------------------
>
>
> [luau] Unwanted Perrmissions Changes - Drake 8.2
>
> *MonMotha * luau at videl.ics.hawaii.edu <mailto:luau%40videl.ics.hawaii.edu>
> /Wed May 22 13:21:01 2002/
>
> * Previous message: [luau] Unwanted Perrmissions Changes - Drake 8.2
> <008010.html>
> * Next message: [luau] Re:Screen Resolution in Red Hot? <008013.html>
> * *Messages sorted by:* [ date ] <date.html#8011> [ thread ]
> <thread.html#8011> [ subject ] <subject.html#8011> [ author ]
> <author.html#8011>
>
> ------------------------------------------------------------------------
>
> They're some very good reasons to bash Mandrake, not linux in general.
>
> After all, Linux is just a kernel, I can make the userspace do wahtever
> I want it to. Heck I could make it as unusable as Windows!
>
> I agree that's a stupid thing to do on Mandrake's part. Never, I repeat
> _*NEVER*_ _*EVER*_ automagically add permissions to a user's
> files/directories. Removing them, possibly (777ing your home is
> probably a mistake and I wouldn't mind TOO much if they "corrected" it
> for me, but granting permissions I took away is WRONG). Remind me to
> flame Manduck at my earliest convience for that trick (not that I use it
> anyway :)
>
> You might want to consider RedHat or Debian, possibly SuSE. RedHat
> especially tries to be user friendly, but tends to not be quite as
> automated as Mandrake (though it can get pretty bad, but that's from a
> person who likes to build his own linux installs by hand from source).
> Debian is great if you want a good amount of control over your system
> but don't want to do everythign by hand. If you're really a control
> freak, then Slackware might be worth a try, but be prepared to do some
> heavy man'ing since it doesn't do much of anything for you.
>
> --MonMotha
>
> Joe Linux wrote:
>>/ I hardly call it a feature that any user can look at any other user's
> />/ files. What kind of security is that?
> />/
> />/ Then it takes a full day to figure out nothing about how to fix it?
> />/ Trust me, these are some of the reasons people are very slow to migrate
> />/ to Linux.
> />/
> />/
> />/ Warren Togami wrote:
> />/
> />>/----- Original Message -----
> />>/From: "Joe Linux" <joelinux at earthlink.net <mailto:joelinux at earthlink.net>>
> />>/To: <luau at videl.ics.hawaii.edu <mailto:luau at videl.ics.hawaii.edu>>
> />>/Sent: Wednesday, May 22, 2002 4:30 AM
> />>/Subject: [luau] Unwanted Perrmissions Changes - Drake 8.2
> />>/
> />>/
> />>>/I'm very frustrated. I want the permissions on my home directory and
> />>>/other users home directory to be 770, but the Mandrake Linux System
> />>>/constantly changes the permissions back to 755 on these directories. Is
> />>>/there anyway to stop it from doing this?
> />>>/
> />>>/Permissions and the lack of control over them are the most annoying
> />>>/thing about Linux, and probably a primary reason the entire OS is not
> />>>/very popular.
> />>>/
> />>/
> />>/Please don't jump the gun and blame it on Linux. This sounds to be a
> />>/feature, not a bug, of Mandrake's MSEC security module that enforces certain
> />>/access controls because it thinks it knows better than the user. In most
> />>/cases it DOES know better than the user, but in your case you must figure
> />>/out how to disable it.
> />>/
> />>/http://www.mandrakesecure.net/en/docs/msec.php
> />>/Please read this page for more details. The simple fix would be to lower
> />>/your msec security level (you can find that in DrakConf).
> />>/
> />>/Just remember when it comes to most security, security is an inverse curve
> />>/to usability.
> />>/
> />>/_______________________________________________
> />>/LUAU mailing list
> />>/LUAU at videl.ics.hawaii.edu <mailto:LUAU at videl.ics.hawaii.edu>
> />>/http://videl.ics.hawaii.edu/mailman/listinfo/luau
> />>/
> />/
> /
>
>
> ------------------------------------------------------------------------
>
> * Previous message: [luau] Unwanted Perrmissions Changes - Drake 8.2
> <008010.html>
> * Next message: [luau] Re:Screen Resolution in Red Hot? <008013.html>
> * *Messages sorted by:* [ date ] <date.html#8011> [ thread ]
> <thread.html#8011> [ subject ] <subject.html#8011> [ author ]
> <author.html#8011>
>
More information about the LUAU
mailing list