On Mon, 2007-07-09 at 22:25 +0100, Glynn Clements wrote: > Brad Douglas wrote: > > > While looking over my working dirs, today, I noticed that all of my > > recent locations were created with 0777 permissions, instead of the > > traditional 0755 mask. Temp directories are still created properly. > > > > 0777 is bad form and a potential security problem. > > > > Is there a reason for the change I missed? A quick search through the > > archives didn't turn up anything. > > > > It seems to have come as an accidental result of the MINGW changes. The > > offending code can be found in lib/gis/paths.c in G_mkdir(). > > > > This should be explained or corrected before 6.2.2 is released. > > The mode passed to mkdir is modified by the process' umask to obtain > the actual mode of the directory. If you're ending up with > world-writable directories, that implies that your umask is zero, > which is insecure. > > Your umask should normally be at least 0022, (or 0022 if you want > files to be group-writable, which is sometimes useful); if you're > paranoid, use 0077 (i.e. no permissions for anyone but yourself).
umask...figures. Your lack of cerebral bitrot astounds me. I had completely forgotten about it and I, apparently, was too arrogant to look at a manpage. ;-) Don't know how, but my umask was set to 0002. -- 73, de Brad KB8UYR/6 <rez touchofmadness com> _______________________________________________ grass-dev mailing list [email protected] http://grass.itc.it/mailman/listinfo/grass-dev
