Skip site navigation (1)Skip section navigation (2)
Date:      Sat, 7 Jul 2012 18:01:58 -0400
From:      grarpamp <grarpamp@gmail.com>
To:        freebsd-ports@freebsd.org
Subject:   Standard file permissions for /usr/local
Message-ID:  <CAD2Ti29f1M_KCR19o9gSJNxRe7=gWDiMcaV6W9qhsziFONBBQA@mail.gmail.com>

next in thread | raw e-mail | index | archive | help
Given a /usr/local populated only by ports (more specifically,
packages), we have the following stats...

/usr/local

54378 -r--r--r--
   1 -r-sr-xr-x
1505 -r-xr-xr-x
21790 -rw-r--r--
   9 -rw-rw-r--
   1 -rws--x--x
   1 -rwsr-x---
   1 -rwsr-xr--
   4 -rwsr-xr-x
   4 -rwxr-sr-x
3515 -rwxr-xr-x
   1 drwx------
6064 drwxr-xr-x
   1 drwxrwsr-x
1638 lrwxr-xr-x
   1 lrwxrwxrwx

For /usr, we have...

24907 -r--r--r--
   4 -r-sr-sr-x
   3 -r-sr-x---
  24 -r-sr-xr-x
   8 -r-xr-sr-x
 786 -r-xr-xr-x
   2 -rw-------
   8 -rw-r--r--
   1 -rwxr-xr-x
1284 drwxr-xr-x
   1 drwxrwxrwt
 947 lrwxr-xr-x
  34 lrwxrwxrwx

Am I to, or should I, believe that there is some standard or preference
such that files should not have mode u+w?

Let's take a look at etc' s 'configurables area' too...

/usr/local/etc

 198 -r--r--r--
  19 -r-xr-xr-x
  40 -rw-r--r--
   1 drwx------
  77 drwxr-xr-x
  16 lrwxr-xr-x

/etc

  25 -r--r--r--
   1 -r-x------
 153 -r-xr-xr-x
  20 -rw-------
   1 -rw-r-----
 121 -rw-r--r--
   1 -rw-rw-r--
   6 -rwx------
  57 -rwxr-xr-x
   2 drwx------
  25 drwxr-xr-x
   3 lrwxr-xr-x
   4 lrwxrwxrwx

Now see that I have amended my /usr/local perms after install such that
root can more easily manage that tree. (I could have just as easily conformed
it to u-w).

76179 -rw-r--r--
   1 -rwsr-xr-x
5029 -rwxr-xr-x
6066 drwxr-xr-x
1639 lrwxr-xr-x

I don't see the point in making things mode u-w?
'Security' cannot be the case, as even setting dirs u-w, schg, capabilities,
read-only mount, etc will make no difference... for root, it's only annoying for
a moment.

What standard / guide am I missing that says u-w is the way (for at least
the large majority of the files in the first two counts above)?



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAD2Ti29f1M_KCR19o9gSJNxRe7=gWDiMcaV6W9qhsziFONBBQA>