.forward file seems to be ignored
Matthew Saltzman
mjs at ces.clemson.edu
Mon Jan 9 00:35:43 UTC 2006
On Sun, 8 Jan 2006, Les Mikesell wrote:
> On Sat, 2006-01-07 at 17:56, Tim wrote:
>> On Sat, 2006-01-07 at 20:25 +0100, Alexander Dalloz wrote:
>>> At least now you should get a big fat warning and complaint in your
>>> maillog about the permissions of the .forward file. 'chmod
>>> 640 .forward' it. "/home" is hopefully `chmod 755' and not more (not
>>> world writable).
>>
>> It does seem odd, to me, that many files in our home directories default
>> to being "-rwxrw-rw-". Surely making things readable, by default, to
>> anyone is a bad idea? You're relying on parent directory permissions to
>> protect you from snooping; and sometimes they're not brilliantly set,
>> either. I'd have thought it best to start off with "-rwx------", and
>> let people add permissions when they're necessary.
>
> Unix was developed in a time and place where the purpose of
> a multiuser machine was often so the people using it could share
> things. That doesn't seem to be the case anymore, but you
> have to draw your own conclusions about whether that is
> good or bad.
It's reality. But it would be pretty sad if a modern Unix system required
this kind of slackness for normal day-to-day operation. That's the sort
of thing that we all so enjoy sitting around and bashing Windows for.
Fortunately, the situation is nowhere near that bad. In the present
thread, sendmail is complaining about *lack of* security. The solution is
to make $HOME 700 and .forward 600.
--
Matthew Saltzman
Clemson University Math Sciences
mjs AT clemson DOT edu
http://www.math.clemson.edu/~mjs
More information about the fedora-list
mailing list