How secure is UNIX?

karish at mindcrf.UUCP karish at mindcrf.UUCP
Wed May 30 10:24:34 AEST 1990


In article <MONTNARO.90May29111606 at spyder.crd.ge.com> montanaro at crdgw1.ge.com
(Skip Montanaro) writes:
>Shouldn't the ftp daemon on the receiving end set the file permissions
>pessimistically? On Suns at least, the mode on the receiving end is 666.
>(Ultrix appears to set the mode to 644, which for the current discussion is
>no better than 666.) If the modes are going to be mangled, I'd rather they
>were mangled to 600. The case of ~/.netrc is just one problem. As another
>example, mail files often contain sensitive information (like passwords :-).
>Having them created mode 666 can be just as damaging.


The receiving-end ftp daemon should set file access modes using the
system's default umask.  If a file contains sensitive data, it
should be restored into a directory with secure access modes and
kept there until the file's access modes can be corrected.  This is
all under the control of the user.

If you want a more user-friendly utility for this purpose, use 'rcp',
which preserves modes.

-- 

	Chuck Karish		karish at mindcraft.com
	Mindcraft, Inc.		(415) 323-9000		



More information about the Comp.unix.questions mailing list