Re: [vile] Would someone please explain why mods of 0555 are "insceure"?

[Daniel Ellard]

This may be  triggered because the parent directory of /opt/bin is neither you nor root, or is writable by someone else, and therefore vile is cautioning you that xvile or startup scripts in that directory may be overwritten by whomever has write permissions on that directory, and thereby changed to do some nefarious thing.

This can be annoying, but it's a valid concern in most contexts.

-Dan

On Fri, Oct 30, 2015 at 8:47 AM, Steven Lembark <address@hidden> wrote:

And how to turn this off at compile time, if possible.

Using "vile" or "xvile" on anything leaves me in a window with:

    [Skipping '/opt/bin/xvile' (insecure permissions)]
    [Skipping '/opt/bin/xvile' (insecure permissions)]
    [Reading /home/lembark/.vilerc]
    [Read 73 lines from "/home/lembark/.vilerc"]
    [Reading /home/lembark/.vile/filters/filters.rc]
    [Reading /opt/vile/9.8o/share/vile/modes.rc]
    [Reading /opt/vile/9.8o/share/vile/palettes.rc]

Checking the mods:

    $ ls -ld /opt/bin/xvile
    lrwxrwxrwx 1 lembark bin 17 Jul 31 22:19 /opt/bin/xvile -> ../vile/bin/xvile

    $ ls -ld /opt/vile/bin/xvile
    -r-xr-xr-x 1 lembark bin 2208512 Jul 31 22:08 /opt/vile/bin/xvile

The mods on my personal .vile directory are:

    $ ls -ld ~/.vile
    drwxr-xr-x 3 lembark lembark 78 Oct 29 15:23 /home/lembark/.vile

So, either [x]vile is checking the symlink's mods (unlikley) or
is mis-handling the executable mods in some way? Or is read access
to other on the ~/.vile causing the problem?

--
Steven Lembark                                             3646 Flora Pl
Workhorse Computing                                   St Louis, MO 63110
address@hidden                                      +1 888 359 3508

_______________________________________________
vile mailing list
address@hidden
https://lists.nongnu.org/mailman/listinfo/vile