[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: Re: [oss-security] Debian FEATURE: /home/loser is with permissions 755, default umask 0022
From: Russ Allbery <eagle () eyrie ! org>
Date: 2020-10-13 4:36:28
Message-ID: 87wnzu91yr.fsf () hope ! eyrie ! org
[Download RAW message or body]
Brian May <brian@linuxpenguins.xyz> writes:
> Jeffrey Walton <noloader@gmail.com> writes:
>> [...] like making /home/loser/www available to other users.
> Does anybody even do this anymore?
Yes, I'm still seeing this pattern in the academic world. In general,
shared file systems and an expectation of a generous umask are still very
common in the academic and scientific world, where people routinely work
collaboratively on large data sets and share snippets of code and data
frequently.
> Once upon a time, a shared Unix system account come with an implied web
> account which you could use to publish files and create your own
> website. But I cannot personally think of any examples where this still
> happens. websystems and shell accounts are generally stored on distinct
> and independent systems.
I personally still maintain my web pages this way, although I'm not a good
example, of course, and it's on my list to change. :) But I have also
still seen this pattern in scientific work. There's built-in support in
Apache still.
> Plus even if I was going to implement such a system today, I might
> seriously consider using - say "/web/loser" instead. Although this might
> have implications if quotas are important. Or maybe something that bind
> mounts /home/loser/www to /web/loser, that way the web software doesn't
> need access to /home/loser.
Yes, indeed. It's certainly not an argument against changing the
defaults; a small amount of additional user work to actively choose to
share something is a better default approach.
--
Russ Allbery (eagle@eyrie.org) <https://www.eyrie.org/~eagle/>
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic