[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Feature Request: disallow world-writable files in chmod
From: |
Joseph D. Wagner |
Subject: |
Re: Feature Request: disallow world-writable files in chmod |
Date: |
Thu, 27 Jun 2013 08:21:05 -0700 |
User-agent: |
Roundcube Webmail/0.8.6 |
On 06/26/2013 6:09 pm, Ben Lentz wrote:
I suspect I may get laughed off the list... but would you folks ever
consider restricting the use of chmod such that world-writable files
This will only stop chmod from doing that. If a user has gcc, they can
compile a custom version of chmod to bypass your check. If you want to
guarantee this configuration, you need to modify the kernel so that it
will reject requests from *all* programs to configure permissions in
such a way.
And the kernel devs would never allow it. You may still want to patch
your local systems, either chmod or the kernel. However, this will
not be accepted upstream.
Joseph D. Wagner