base-passwd: postinstall script too open permissions

public inbox for cygwin-apps@cygwin.com
 help / color / mirror / Atom feed

* base-passwd: postinstall script too open permissions
@ 2008-08-20  8:13 Corinna Vinschen
  2008-08-20  8:35 ` John Morrison
  0 siblings, 1 reply; 3+ messages in thread
From: Corinna Vinschen @ 2008-08-20  8:13 UTC (permalink / raw)
  To: cygwin-apps

Hi John,

do you remember the reason why the passwd-grp.sh postinstall script
calls

  chmod 777 /etc/passwd
  chmod 777 /etc/group

?  That's not right, IMO.  The permissions should rather be 644 and
not allow writing for everyone.

Along the same lines, the `chmod a+w' calls in the second half of the
script should better just be `chmod u+w'.

Would you mind to change that, please?

Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Project Co-Leader          cygwin AT cygwin DOT com
Red Hat

^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: base-passwd: postinstall script too open permissions
  2008-08-20  8:13 base-passwd: postinstall script too open permissions Corinna Vinschen
@ 2008-08-20  8:35 ` John Morrison
  2008-08-20  9:14   ` Corinna Vinschen
  0 siblings, 1 reply; 3+ messages in thread
From: John Morrison @ 2008-08-20  8:35 UTC (permalink / raw)
  To: cygwin-apps

On Wed, August 20, 2008 9:14 am, Corinna Vinschen wrote:
> Hi John,
>
> do you remember the reason why the passwd-grp.sh postinstall script
> calls
>
>   chmod 777 /etc/passwd
>   chmod 777 /etc/group
>
> ?  That's not right, IMO.  The permissions should rather be 644 and
> not allow writing for everyone.
>
> Along the same lines, the `chmod a+w' calls in the second half of the
> script should better just be `chmod u+w'.
>
> Would you mind to change that, please?

Sure, although it might be tomorrow night before I get time.  What were
the changes you made to the setup.hint for base-[file/passwd] btw?

J.

^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: base-passwd: postinstall script too open permissions
  2008-08-20  8:35 ` John Morrison
@ 2008-08-20  9:14   ` Corinna Vinschen
  0 siblings, 0 replies; 3+ messages in thread
From: Corinna Vinschen @ 2008-08-20  9:14 UTC (permalink / raw)
  To: cygwin-apps

On Aug 20 09:34, John Morrison wrote:
> On Wed, August 20, 2008 9:14 am, Corinna Vinschen wrote:
> > Hi John,
> >
> > do you remember the reason why the passwd-grp.sh postinstall script
> > calls
> >
> >   chmod 777 /etc/passwd
> >   chmod 777 /etc/group
> >
> > ?  That's not right, IMO.  The permissions should rather be 644 and
> > not allow writing for everyone.
> >
> > Along the same lines, the `chmod a+w' calls in the second half of the
> > script should better just be `chmod u+w'.
> >
> > Would you mind to change that, please?
> 
> Sure, although it might be tomorrow night before I get time.  What were
> the changes you made to the setup.hint for base-[file/passwd] btw?

It only depends on base-cygwin now:

  requires: base-cygwin

We must make sure that base-cygwin is the first in the dependency order,
then base-passwd.  I'm not sure yet about base-files.


Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Project Co-Leader          cygwin AT cygwin DOT com
Red Hat

^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2008-08-20  9:14 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2008-08-20  8:13 base-passwd: postinstall script too open permissions Corinna Vinschen
2008-08-20  8:35 ` John Morrison
2008-08-20  9:14   ` Corinna Vinschen

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).