On Fri, 2002-02-08 at 05:39, Pixel wrote: > Bryan Paxton <[EMAIL PROTECTED]> writes: > > > > > Hmmmm, you usually have to be root to exec the scripts in there anyway? > > But for the sake of argument, s/700/711/ or s/700/751/ > > no 744 is nice so you can see what's in the script. And execute bit on scripts > in not enough, so 711 is of no use.
eh, I don't think non-superusers should be allowed to view init scripts. > > > > -/home/* current 755 > > > > +/home/* current 711 > > > > > > that is friendly :-( > > > i hate it > > > > > > > You like it when anyone on the system can browse your $HOME ? : ) > > yes! How do you share your .emacs without this ;p HAHA : ) > Most programs restrict further accessq when the data are > personal/sensitive (eg: mails, .netrc, .rhosts, .ssh ...) > > > I tend to agree with > > RMS > "Certain circles of administrators feel that password protection and > security implementations in general are unethical and should not be used" > > and Larry Wall (from perlmodlib(1)) > "Perl doesn't have an infatuation with enforced privacy. It would prefer > that you stayed out of its living room because you weren't invited, not > because it has a shotgun." I am not of this view... The view I hold is thus: I trust software as far as I can throw it, and you can't throw software... With that in mind, I am all for privacy, and I do use security through obscurity on a few levels (file systems, network services, remote network view, etc..) when it comes to my box. I do admit, I can be overzealous at times, I may be on this one ($HOMEs == 755), not sure though, can't step outside my view on this particular subject : ) You're probably on the more sane end though : ) -- Bryan Paxton Public PGP key: http://www.deadhorse.net/bpaxton.gpg "Winning gives birth to hostility. Losing, one lies down in pain. The calmed lie down with ease, having set winning & losing aside." Dhp. 201