Marc Lehmann writes:
> When you recreate a file with different contents you have modified it. > Anything else is weird word twisting, and not useful in this context - it > doesn't matter how exactly I change a file, as long as I can change it > when I shouldn't be, it is a security bug. True, you can delete the file and replace it, but then it is now owned by you instead of the original owner. It's a fair argument that it amounts mostly to the same thing. > No, there are other possibilities, but that is one way, yes. Other possibilities like what? >> looser permissions, and that amounts to the same thing as just not >> keeping it mounted most of the time. > > No, these are very different things. How so? In both cases the permissions on the file itself are wrong, and you are relying other mechanisms to stop access before it gets to checking the wrong permissions. > Your question is loaded, because it presumes that the correct permissions > are somehow incorrect (a contradiction that any answer would have to > accept, which makes it impossible to answer your question). That is > not The permissions allow access that you do not wish it to. Ipso facto, the permissions are incorrect.
