On 06/26/2013 6:09 pm, Ben Lentz wrote:
I suspect I may get laughed off the list... but would you folks ever consider restricting the use of chmod such that world-writable files
This will only stop chmod from doing that. If a user has gcc, they can compile a custom version of chmod to bypass your check. If you want to guarantee this configuration, you need to modify the kernel so that it will reject requests from *all* programs to configure permissions in such a way. And the kernel devs would never allow it. You may still want to patch your local systems, either chmod or the kernel. However, this will not be accepted upstream. Joseph D. Wagner
