From owner-freebsd-ports@FreeBSD.ORG Sat Jul 7 22:01:59 2012 Return-Path: Delivered-To: freebsd-ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 7E2EC106566B for ; Sat, 7 Jul 2012 22:01:59 +0000 (UTC) (envelope-from grarpamp@gmail.com) Received: from mail-ob0-f182.google.com (mail-ob0-f182.google.com [209.85.214.182]) by mx1.freebsd.org (Postfix) with ESMTP id 471588FC1F for ; Sat, 7 Jul 2012 22:01:59 +0000 (UTC) Received: by obbun3 with SMTP id un3so21567360obb.13 for ; Sat, 07 Jul 2012 15:01:58 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:date:message-id:subject:from:to:content-type; bh=rH3wQtZinfdXawRBaVydjTRmx8m0gLKo5sxdXuaeHq0=; b=WcIg2cenfO+CGP/UsU4p6I3Tmb74iOUoyODglOxd/wGOzEcGPTsr2MLgL+sB9yv59l aWTbUruExUSORERlwN4Qx3DnJ+N87bsojPeMqWbFaO+cHyIy3xrZoXss4zbaEve1pvyT 0OY6mYnWHwX21Igw8WepmdNfdy+oRL57POgp2ozdzrh5n6AaxG/mjrxdyS41nnnlXcFc b4bKHqydX2s/oGAcd9Zg11+bZEtpLFOwMQJPIBlrvPIH3zxrBJjQzaBYdm/heP5sXd7D mgWxzgh08zmCHBBGpO1zy8J+svZNkwqx0MflS8MnK7d2VTkYOp/Mbb94RkvGP+sNF44r Snow== MIME-Version: 1.0 Received: by 10.182.192.41 with SMTP id hd9mr30744472obc.17.1341698518522; Sat, 07 Jul 2012 15:01:58 -0700 (PDT) Received: by 10.76.81.10 with HTTP; Sat, 7 Jul 2012 15:01:58 -0700 (PDT) Date: Sat, 7 Jul 2012 18:01:58 -0400 Message-ID: From: grarpamp To: freebsd-ports@freebsd.org Content-Type: text/plain; charset=UTF-8 Subject: Standard file permissions for /usr/local X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 07 Jul 2012 22:01:59 -0000 Given a /usr/local populated only by ports (more specifically, packages), we have the following stats... /usr/local 54378 -r--r--r-- 1 -r-sr-xr-x 1505 -r-xr-xr-x 21790 -rw-r--r-- 9 -rw-rw-r-- 1 -rws--x--x 1 -rwsr-x--- 1 -rwsr-xr-- 4 -rwsr-xr-x 4 -rwxr-sr-x 3515 -rwxr-xr-x 1 drwx------ 6064 drwxr-xr-x 1 drwxrwsr-x 1638 lrwxr-xr-x 1 lrwxrwxrwx For /usr, we have... 24907 -r--r--r-- 4 -r-sr-sr-x 3 -r-sr-x--- 24 -r-sr-xr-x 8 -r-xr-sr-x 786 -r-xr-xr-x 2 -rw------- 8 -rw-r--r-- 1 -rwxr-xr-x 1284 drwxr-xr-x 1 drwxrwxrwt 947 lrwxr-xr-x 34 lrwxrwxrwx Am I to, or should I, believe that there is some standard or preference such that files should not have mode u+w? Let's take a look at etc' s 'configurables area' too... /usr/local/etc 198 -r--r--r-- 19 -r-xr-xr-x 40 -rw-r--r-- 1 drwx------ 77 drwxr-xr-x 16 lrwxr-xr-x /etc 25 -r--r--r-- 1 -r-x------ 153 -r-xr-xr-x 20 -rw------- 1 -rw-r----- 121 -rw-r--r-- 1 -rw-rw-r-- 6 -rwx------ 57 -rwxr-xr-x 2 drwx------ 25 drwxr-xr-x 3 lrwxr-xr-x 4 lrwxrwxrwx Now see that I have amended my /usr/local perms after install such that root can more easily manage that tree. (I could have just as easily conformed it to u-w). 76179 -rw-r--r-- 1 -rwsr-xr-x 5029 -rwxr-xr-x 6066 drwxr-xr-x 1639 lrwxr-xr-x I don't see the point in making things mode u-w? 'Security' cannot be the case, as even setting dirs u-w, schg, capabilities, read-only mount, etc will make no difference... for root, it's only annoying for a moment. What standard / guide am I missing that says u-w is the way (for at least the large majority of the files in the first two counts above)?