List: kde
Subject: Re: kscd, CDDB, and krabber security
From: Adolf Koenig <rzuw001 () rz ! uni-wuerzburg ! de>
Date: 1999-07-29 7:53:20
Cris Wade wrote:
> ... ok, here
> is the problem. When I went to /opt/kde/share/apps/kscd/cddb all the
> directories were set with 777 (drwxrwxrws) permission, and all the files in
> those directories were given 666 (-rw-rw-rw) permission. To me, this sounds
> unsafe.
It is unsafe indeed, if you are not the only user on your box.
> My solution was to set the sticky bit (+t) on all of the
> directories in /opt/kde/share/apps/kscd/cddb (rock, jazz, etc.). This way,
> all a user could do is delete their own CDDB records, but no one else's.
>
> Now my question is this: will this cause any problems for any other
> programs that you know of?
Probably not. The only consequence is, as you've seen already, that
a user (except root) can only delete his own files. No reasonable software
will depend on deleting other users' files.
You could as well remove most of the write permissions for world, except
perhaps logfiles etc.
> Secondly, is this a problem with all KDE
> installs, or is it just a Slackware-specific problem?
Probably it's a problem caused by installing a tar-packed library. The tar-file
contains the permissions of the files and directories as they were at the moment of
generating the tar-file and if you install it, you get them all. As I said, as long as
you are the only user, it doesn't really matter. If you want to check the permissions
before installing a tar-archive, you could take a look at the output of
    tar -tvf tarfilename
Greetings
A.Koenig
--
Send posts to: kde@lists.netcentral.net
Send all commands to: kde-request@lists.netcentral.net
Put your command in the SUBJECT of the message:
"subscribe", "unsubscribe", "set digest on", or "set digest off"
PLEASE READ THE ARCHIVED MESSAGES AT http://lists.kde.org/ BEFORE POSTING
**********************************************************************
This list is from your pals at NetCentral <http://www.netcentral.net/>
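
Added example, not part of the original message: a small shell filter over the `tar -tvf` listing suggested above, flagging world-writable files and world-writable directories that lack the sticky bit, without extracting anything. The function names `audit_tar` and `make_sample_tar`, and the sample tree it builds, are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit the mode column of `tar -tvf` before unpacking.
# Mode string layout: 1 = type, 2-4 = user, 5-7 = group, 8-10 = other.

audit_tar() {
    # $1 = path to a tar archive; prints one line per risky entry.
    tar -tvf "$1" | awk '
        {
            mode = $1
            type = substr(mode, 1, 1)
            if (type == "l") next                     # symlinks always list as rwxrwxrwx
            if (substr(mode, 9, 1) != "w") next       # "other" has no write bit
            last = substr(mode, 10, 1)
            if (type == "d") {
                if (last == "t" || last == "T") next  # sticky set, behaves like /tmp
                print "DIR-NO-STICKY  " $0
            } else {
                print "WORLD-WRITABLE " $0
            }
        }'
}

make_sample_tar() {
    # Builds a constructed sample archive and prints its path.
    d=$(mktemp -d) || return 1
    mkdir -p "$d/cddb/rock" "$d/cddb/jazz"
    : > "$d/cddb/rock/record1"
    : > "$d/cddb/jazz/record2"
    chmod 666  "$d/cddb/rock/record1"   # world-writable file
    chmod 644  "$d/cddb/jazz/record2"   # ordinary file
    chmod 777  "$d/cddb/rock"           # world-writable, no sticky bit
    chmod 1777 "$d/cddb/jazz"           # world-writable with sticky bit
    chmod 755  "$d/cddb"
    tar -cf "$d/sample.tar" -C "$d" cddb
    echo "$d/sample.tar"
}

# Usage: sh audit.sh archive.tar
if [ "$#" -gt 0 ]; then
    audit_tar "$1"
fi
```

An empty result means no entry in the archive would be created world-writable; a sticky directory is left unflagged because only the owner of a file (or root) can delete it there.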