On Mon, Jul 27, 2020 at 3:03 PM Paul Eggert <egg...@cs.ucla.edu> wrote: > > On 7/27/20 2:24 PM, Karl Berry wrote: > > https://lists.gnu.org/r/bug-bison/2020-07/msg00042.html > > > > I can understand increasing permissions to allow +rx on installation > > directories, but why force 755, thus disallowing group writability? > > I've never understood this forcing of 755. > > I expect it was by analogy with regular files, where are already forced to use > the equivalent of umask 22 when being installed. > > This could have been a decision I made years ago when modifying GNU 'install' > - > I've forgotten the details. (No doubt it was a good decision at the time. :-)
>From what I recall, we deliberately avoid making installed things group-writable because that would induce a security risk in installations where more than one user is in the same default group. If I install in such an environment (and don't override the group), I don't want a peer to be able to modify what I've just installed.