On Wed, 2012-02-29 at 13:21 +0000, jb wrote: > jb <jb.1234abcd <at> gmail.com> writes: > > > ... > > I would suggest (if you can) that you change the .seq permissions to 0664 and > > watch what happens to it - the purpose is to narrow down who/what changed its > > mode. > > Some history. logs. and some ad hoc "watch script" would do it. > > Take a look at "notify" feature (file, dir, event). > http://www.freebsd.org/cgi/ports.cgi?query=notify&stype=all > jb I don't understand why everyone is focused on the 641 mode the file ends up with. The code creates the file using 0661, and under a umask of 022 you end up with a file with 0641 permissions. How the write bit disppeared from the group permissions doesn't seem to be germane to the real question of why the code specifies world-exec access. I don't think it's a legitimate attempt to leverage the negative permissions quirk, because it doesn't effectively do so. It's not a directory or executable file in the first place, so making it executable for everyone except the owner and group is not some sort of subtle security trick, it's just meaningless. I think the code is long overdue for a fix to 0660 permissions when creating the file. -- IanReceived on Wed Feb 29 2012 - 14:00:28 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:40:24 UTC