How secure is UNIX?
karish at mindcrf.UUCP
karish at mindcrf.UUCP
Wed May 30 10:24:34 AEST 1990
In article <MONTNARO.90May29111606 at spyder.crd.ge.com> montanaro at crdgw1.ge.com
(Skip Montanaro) writes:
>Shouldn't the ftp daemon on the receiving end set the file permissions
>pessimistically? On Suns at least, the mode on the receiving end is 666.
>(Ultrix appears to set the mode to 644, which for the current discussion is
>no better than 666.) If the modes are going to be mangled, I'd rather they
>were mangled to 600. The case of ~/.netrc is just one problem. As another
>example, mail files often contain sensitive information (like passwords :-).
>Having them created mode 666 can be just as damaging.
The receiving-end ftp daemon should set file access modes using the
system's default umask. If a file contains sensitive data, it
should be restored into a directory with secure access modes and
kept there until the file's access modes can be corrected. This is
all under the control of the user.
If you want a more user-friendly utility for this purpose, use 'rcp',
which preserves modes.
--
Chuck Karish karish at mindcraft.com
Mindcraft, Inc. (415) 323-9000
More information about the Comp.unix.questions
mailing list