From owner-freebsd-security@FreeBSD.ORG Fri Mar 6 04:07:18 2009 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 997D0106564A for ; Fri, 6 Mar 2009 04:07:18 +0000 (UTC) (envelope-from jahilliya@gmail.com) Received: from wa-out-1112.google.com (wa-out-1112.google.com [209.85.146.177]) by mx1.freebsd.org (Postfix) with ESMTP id 339198FC08 for ; Fri, 6 Mar 2009 04:07:18 +0000 (UTC) (envelope-from jahilliya@gmail.com) Received: by wa-out-1112.google.com with SMTP id k34so190281wah.27 for ; Thu, 05 Mar 2009 20:07:17 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:subject:from:to:cc :in-reply-to:references:content-type:organization:date:message-id :mime-version:x-mailer:content-transfer-encoding; bh=YNw/B5aYIETHMXGl69bDZLWPlq+AdhJzdXA3U/6Tgko=; b=IHxoEo5i6ScIMg3NOk0d1SMaMmazM+nHZ5aeiX+hor2wCzisGY2FbYGhCpeRc1od0M B8QllLBiA+ng4qn2pERR54s+phR5VNFF7MLdzkTm30W2Dzb/uql5OhqCWZye4XkfCI9Q Ea/6RZZ5Ao+YYKtGlGeNGCBXCBdj34BlK55Kw= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=subject:from:to:cc:in-reply-to:references:content-type:organization :date:message-id:mime-version:x-mailer:content-transfer-encoding; b=fI4PwmFHoub0UGy9I1Jgl2C/Lzp+N3rxWF+isn03fS65hoev3oHlsbQK+sfY8dw//h 1fAlC0psxisp+sByYiH/6h+G9xZuc/wn6NJynEImSvQ89cwSHYkSRp1rvd+pgZAkWzWs lHWh9/fHP8f9ZFjEUbSC+veTQG0Tw5G/QfrSM= Received: by 10.115.60.1 with SMTP id n1mr1219991wak.113.1236312437911; Thu, 05 Mar 2009 20:07:17 -0800 (PST) Received: from ?172.31.254.159? (brdr-r1.itma.com.au [218.214.217.114]) by mx.google.com with ESMTPS id t1sm1967477poh.7.2009.03.05.20.07.15 (version=TLSv1/SSLv3 cipher=RC4-MD5); Thu, 05 Mar 2009 20:07:17 -0800 (PST) From: Daniel Marsh To: Randy Bush In-Reply-To: References: Content-Type: text/plain Organization: STIW Date: Fri, 06 Mar 2009 13:04:24 +0900 Message-Id: <1236312264.7184.1.camel@yog-sothoth.rlyeh> Mime-Version: 1.0 X-Mailer: Evolution 2.24.1.1 Content-Transfer-Encoding: 7bit Cc: freebsd-security@freebsd.org Subject: Re: emacs installs a lot of 777 directories X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 06 Mar 2009 04:07:18 -0000 On Fri, 2009-03-06 at 11:15 +0900, Randy Bush wrote: > foo.on.you:/usr/local/share# find . -type d -perm 777 > ./emacs/22.3/etc/tree-widget > ./emacs/22.3/etc/tree-widget/folder > ./emacs/22.3/etc/tree-widget/default > ./emacs/22.3/etc/e > ./emacs/22.3/etc/images > ./emacs/22.3/etc/images/low-color > ./emacs/22.3/etc/images/gnus > ./emacs/22.3/etc/images/icons > ./emacs/22.3/etc/images/gud > ./emacs/22.3/etc/images/smilies > ./emacs/22.3/etc/images/mail > ./emacs/22.3/etc/images/ezimage > ./emacs/22.3/lisp > ./emacs/22.3/lisp/net > ./emacs/22.3/lisp/progmodes > ./emacs/22.3/lisp/calc > ./emacs/22.3/lisp/emacs-lisp > ./emacs/22.3/lisp/url > ./emacs/22.3/lisp/emulation > ./emacs/22.3/lisp/play > ./emacs/22.3/lisp/erc > ./emacs/22.3/lisp/term > ./emacs/22.3/lisp/obsolete > ./emacs/22.3/lisp/textmodes > ./emacs/22.3/lisp/mail > ./emacs/22.3/lisp/eshell > ./emacs/22.3/lisp/calendar > ./emacs/22.3/lisp/mh-e > ./emacs/22.3/lisp/international > ./emacs/22.3/lisp/gnus > ./emacs/22.3/lisp/language > ./emacs/22.3/leim/ja-dic > ./emacs/22.3/leim/quail > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org" Could this simply be an over promiscuous umask being set when Emacs was installed? ie. umask 000 rather than the default umask 022 for root? I know I get warnings if attempting to install a package with a umask 077 which means no-one except the installer can access the files. Do packages print a warning to screen if umask 000 is set? Regards, Daniel