world writeable files?
tbone
writeable files on my system and there are about 5-10 pages of them.
Will I break anything by removing those world writeable permissions?
Is there an easy command to remove world writeable permissions on all
of the files in the whole file system?
Nico Kadel-Garcia
It depends on the file. Such files are *usually* an error. But /dev/
null, for example, really needs that permission, so it would be *BAD*
to do "chmod -R o-w /". Of such commands are madness created.
Perhaps you could publish your list?
Nico Kadel-Garcia
And you're not counting symlinks and pipes, are you?
Grant
>On Dec 16, 1:45 pm, tbone <tony.desp...@gmail.com> wrote:
>> Are world writeable files necessary? I can list all the world
>> writeable files on my system and there are about 5-10 pages of them.
>> Will I break anything by removing those world writeable permissions?
>> Is there an easy command to remove world writeable permissions on all
>> of the files in the whole file system?
>
>It depends on the file. Such files are *usually* an error.
I have one world writable directory (public) on a web server for
.cgi to write a form results file as nobody:nobody. Any others
would be set by distro or installed apps.
~$ ls -l /home/web/bugsplatter/cc2ip/
total 36
drwxr-x--- 2 grant wheel 160 2009-12-15 07:21 archive/
-r-sr-xr-x 1 grant wheel 3104 2009-05-01 12:01 cc2ip.cgi*
-rwxr-xr-x 1 grant users 12356 2009-12-15 19:56 index.html*
-rwxr-xr-x 1 grant wheel 11856 2009-12-15 07:21 index.html.src*
-rwxr-xr-x 1 grant wheel 444 2008-10-05 09:07 lookup-ip*
drwxr-xrwx 2 grant wheel 424 2009-12-16 02:17 public/
drwxr-x--- 2 grant wheel 128 2009-11-22 06:11 server/
> But /dev/
>null, for example, really needs that permission, so it would be *BAD*
>to do "chmod -R o-w /". Of such commands are madness created.
>
>Perhaps you could publish your list?
Good idea.
Grant.
--
http://bugsplatter.id.au
unruh
You may. Some files are there for people to write to. This may include
log files used by programs running under the user permissions.
Why not look at them?
Users migh t twant to allow others to write to their files. Tex font
generation wants all users to be able to generate the fonts, etc.
find / -perm -o=w -print0 |xargs -0 rm -f
will remove them all. It may also break your system.
Grant
That command doesn't discriminate the symlinks --> dangerous!
>will remove them all. It may also break your system.
Very likely break something.
Grant.
--
http://bugsplatter.id.au
Nico Kadel-Garcia
> On Wed, 16 Dec 2009 21:50:48 GMT, unruh <un...@wormhole.physics.ubc.ca> wrote:
> >> Are world writeable files necessary? I can list all the world
> >> writeable files on my system and there are about 5-10 pages of them.
> >> Will I break anything by removing those world writeable permissions?
> >> Is there an easy command to remove world writeable permissions on all
> >> of the files in the whole file system?
>
> >You may. Some files are there for people to write to. This may include
> >log files used by programs running under the user permissions.
> >Why not look at them?
> >Users migh t twant to allow others to write to their files. Tex font
> >generation wants all users to be able to generate the fonts, etc.
>
> >find / -perm -o=w -print0 |xargs -0 rm -f
>
> That command doesn't discriminate the symlinks --> dangerous!
>
> >will remove them all. It may also break your system.
>
> Very likely break something.
>
> Grant.
> --http://bugsplatter.id.au
Deleting /dev/null will *COMPLETELY* mess up your system.
unruh
> On Wed, 16 Dec 2009 21:50:48 GMT, unruh <un...@wormhole.physics.ubc.ca> wrote:
>
>>On 2009-12-16, tbone <tony.d...@gmail.com> wrote:
>>> Are world writeable files necessary? I can list all the world
>>> writeable files on my system and there are about 5-10 pages of them.
>>> Will I break anything by removing those world writeable permissions?
>>> Is there an easy command to remove world writeable permissions on all
>>> of the files in the whole file system?
>>
>>You may. Some files are there for people to write to. This may include
>>log files used by programs running under the user permissions.
>>Why not look at them?
>>Users migh t twant to allow others to write to their files. Tex font
>>generation wants all users to be able to generate the fonts, etc.
>>
>>find / -perm -o=w -print0 |xargs -0 rm -f
>
> That command doesn't discriminate the symlinks --> dangerous!
Or the directories-- even more dangerous, although rm should not remove
those.
Of course instead of rm -f you could use "chmod o-w" instead which is
probably more like what he wanted.
find / -type f -perm -o=w -print0|xargs -0 chmod o-w
.
Probably put in a -type f
in there are well. And a bunch of excludes.
Wanna-Be Sys Admin
> Are world writeable files necessary?
Depends. It can be better or worse. Is this a system shared by other
users that could be up to no good? Are you the sole user on the
system? Is the system attached to a network that can be accessed over
the Internet or other?
> I can list all the world
> writeable files on my system and there are about 5-10 pages of them.
Okay?
> Will I break anything by removing those world writeable permissions?
Maybe. Depends on what the program or script that accesses them needs.
> Is there an easy command to remove world writeable permissions on all
> of the files in the whole file system?
Yes, but you might not want to just do that without knowing if that's a
good idea.
--
Not really a wanna-be, but I don't know everything.
Nico Kadel-Garcia
> tbone wrote:
> > Are world writeable files necessary?
>
> Depends. It can be better or worse. Is this a system shared by other
> users that could be up to no good? Are you the sole user on the
> system? Is the system attached to a network that can be accessed over
> the Internet or other?
>
> > I can list all the world
> > writeable files on my system and there are about 5-10 pages of them.
>
> Okay?
Almost all of those are *probably* symlinks, which show up with world
write permissions even when their target file or directory is not set
up that way. The actual list is usually much smaller.
> > Will I break anything by removing those world writeable permissions?
>
> Maybe. Depends on what the program or script that accesses them needs.
In detail, almost always. /dev/null alone would break an incredible
amount of software if universal write is removed.
> > Is there an easy command to remove world writeable permissions on all
> > of the files in the whole file system?
>
> Yes, but you might not want to just do that without knowing if that's a
> good idea.
> --
> Not really a wanna-be, but I don't know everything.
Amen. The list needs careful review.
Wanna-Be Sys Admin
> On Dec 27, 6:20 am, Wanna-Be Sys Admin <sysad...@example.com> wrote:
>> tbone wrote:
>> > Are world writeable files necessary?
>>
>> Depends. It can be better or worse. Is this a system shared by
>> other users that could be up to no good? Are you the sole user on
>> the system? Is the system attached to a network that can be accessed
>> over the Internet or other?
>>
>> > I can list all the world
>> > writeable files on my system and there are about 5-10 pages of
>> > them.
>>
>> Okay?
>
> Almost all of those are *probably* symlinks,
Maybe, we have no way to know that's the case. It depends how they
listed them and what command they might have used to search/find them.
> which show up with world
> write permissions even when their target file or directory is not set
> up that way.
Well, I don't agree that they show as world writeable. lxrw.... looks
different than dxrw or -rxrw. A find command will show the difference,
as other commands can, so it just dpends.
> The actual list is usually much smaller.
If it's a system with users that upload scripts and follow their (often
dangerous) suggestion of what to set permissions to, it can be dozens
of pages of matches, so it depends on their system, users, etc.
>> > Will I break anything by removing those world writeable
>> > permissions?
>>
>> Maybe. Depends on what the program or script that accesses them
>> needs.
>
> In detail, almost always. /dev/null alone would break an incredible
> amount of software if universal write is removed.
Actually, I assumed they were speaking of user files, not system files,
but yes, files such as /dev/null would cause some breakage. I'm
speaking in terms of even user files, though that's less detremental to
the system at least on a user level.
>> > Is there an easy command to remove world writeable permissions on
>> > all of the files in the whole file system?
>>
>> Yes, but you might not want to just do that without knowing if that's
>> a good idea.
>> --
>> Not really a wanna-be, but I don't know everything.
Please don't quote signatures, mine is valid, so your news reader might
be broken, old, a poor choice, or somehow misconfigured.
> Amen. The list needs careful review.
Yeah, I think we can all agree on that. They need to post some examples
or explain the system's set up, or something to get any advice.
Mikhail Zotov
unruh <un...@wormhole.physics.ubc.ca> wrote:
...
> >>Tex font
> >>generation wants all users to be able to generate the fonts, etc.
AFAICT, both tetex and texlive are by default configured in such
a way that fonts are created in each user's home directory.
--
Mikhail
unruh
That depends on your distro. It is also very silly and wasteful, since
all of your users are liable to want the same fonts, and having 130
different copies of the same ( largish) files is just dumb.
>
Eric Pozharski
> On 2009-12-31, Mikhail Zotov <invalid...@lenta.ru> wrote:
>> On Wed, 16 Dec 2009 23:18:03 GMT
>> unruh <un...@wormhole.physics.ubc.ca> wrote:
>> ...
>>> >>Tex font
>>> >>generation wants all users to be able to generate the fonts, etc.
>>
>> AFAICT, both tetex and texlive are by default configured in such
>> a way that fonts are created in each user's home directory.
TeTeX is TeX Live now.
> That depends on your distro.
What distro? (just to make sure I've got it right)
> It is also very silly and wasteful, since
> all of your users are liable to want the same fonts, and having 130
> different copies of the same ( largish) files is just dumb.
And trust in 129 users with doubtful competence is neither silly nor
wasteful? Result of my work depends on that cache. And about largish:
{126809:256} [0:1]% du ~/.texmf-var
840 /home/whynot/.texmf-var/fonts/pk/ljfour/lh/lh-t2a
844 /home/whynot/.texmf-var/fonts/pk/ljfour/lh
60 /home/whynot/.texmf-var/fonts/pk/ljfour/jknappen/ec
64 /home/whynot/.texmf-var/fonts/pk/ljfour/jknappen
912 /home/whynot/.texmf-var/fonts/pk/ljfour
916 /home/whynot/.texmf-var/fonts/pk
112 /home/whynot/.texmf-var/fonts/tfm/lh/lh-t2a
116 /home/whynot/.texmf-var/fonts/tfm/lh
120 /home/whynot/.texmf-var/fonts/tfm
48 /home/whynot/.texmf-var/fonts/source/lh/lh-t2a
52 /home/whynot/.texmf-var/fonts/source/lh
56 /home/whynot/.texmf-var/fonts/source
1096 /home/whynot/.texmf-var/fonts
1100 /home/whynot/.texmf-var
Although -- yes, I've set my crontab apropriately.
--
Torvalds' goal for Linux is very simple: World Domination
Stallman's goal for GNU is even simpler: Freedom
unruh
> On 2009-12-31, unruh <un...@wormhole.physics.ubc.ca> wrote:
>> On 2009-12-31, Mikhail Zotov <invalid...@lenta.ru> wrote:
>>> On Wed, 16 Dec 2009 23:18:03 GMT
>>> unruh <un...@wormhole.physics.ubc.ca> wrote:
>>> ...
>>>> >>Tex font
>>>> >>generation wants all users to be able to generate the fonts, etc.
>>>
>>> AFAICT, both tetex and texlive are by default configured in such
>>> a way that fonts are created in each user's home directory.
>
> TeTeX is TeX Live now.
No. texlive is an implimentation of tex which has taken over from
tetex by default.
From TeTex web page
teTeX is a complete TeX distribution for UNIX compatible systems,
maintained by me, Thomas Esser
From Tex Live
TeX Live has been developed since 1996 by collaboration between the TeX
user groups. TeX Live was originally perpetrated by Sebastian Rahtz.
Different projects, although Esser has ceased development of TeTex.
>
>> That depends on your distro.
>
> What distro? (just to make sure I've got it right)
Mandriva.
>
>> It is also very silly and wasteful, since
>> all of your users are liable to want the same fonts, and having 130
>> different copies of the same ( largish) files is just dumb.
>
> And trust in 129 users with doubtful competence is neither silly nor
> wasteful? Result of my work depends on that cache. And about largish:
??? If they are of doubtful competence, their ability to create problems
is minimal.
...
> Although -- yes, I've set my crontab apropriately.
Oo good. So each time you run tex you have to recreate the fonts.
Wonderful. You are of course free to do whatever you want on your
machine(s).
>
>
Eric Pozharski
> On 2010-01-01, Eric Pozharski <why...@pozharski.name> wrote:
>> On 2009-12-31, unruh <un...@wormhole.physics.ubc.ca> wrote:
>>> On 2009-12-31, Mikhail Zotov <invalid...@lenta.ru> wrote:
>>>> AFAICT, both tetex and texlive are by default configured in such
>>>> a way that fonts are created in each user's home directory.
>>
>> TeTeX is TeX Live now.
>
> No. texlive is an implimentation of tex which has taken over from
> tetex by default.
No. TeX Live, teTeX, MiKTex etc are *distributions* (however, not anything
ending with TeX and distributed on CTAN is distribution) (although the
word "implementation" is somewhat abused in TeX world). While TeX is
a macro processor
(http://www.tex.ac.uk/cgi-bin/texfaq2html?label=whatTeX). From my POV,
'TeX distribution' is TeX kernel (precompiled or not) + portion of
ctan:// + distribution specific tools. Prove me wrong.
As of teTeX and TeX Live relations:
http://article.gmane.org/gmane.comp.tex.tetex.beta/812
Basically, teTeX consists of a source tree and a texmf tree with
fonts, macros, configuration, etc.
The source tree of teTeX-3.0 is included 100% in TeX Live
*SKIP*
>>> That depends on your distro.
>>
>> What distro? (just to make sure I've got it right)
>
> Mandriva.
/me relaxes. I'm pleased to see no bubuntu out there.
>>> It is also very silly and wasteful, since
>>> all of your users are liable to want the same fonts, and having 130
>>> different copies of the same ( largish) files is just dumb.
>>
>> And trust in 129 users with doubtful competence is neither silly nor
>> wasteful? Result of my work depends on that cache. And about largish:
>
> ??? If they are of doubtful competence, their ability to create problems
> is minimal.
Really?
>> Although -- yes, I've set my crontab apropriately.
>
> Oo good. So each time you run tex you have to recreate the fonts.
> Wonderful. You are of course free to do whatever you want on your
> machine(s).
11 6 * * * find ${HOME}/.texmf-var -mindepth 1 -type f -atime +35 -exec rm -v \{\} \; ; find ${HOME}/.texmf-var -mindepth 1 -type d -empty -mtime +3 -exec rm -vr \{\} \;
Remains of time when I was short on disk. And since there's no 'ls-R'
no need to run 'mktexlsr' either.
Mikhail Zotov
Eric Pozharski <why...@pozharski.name> wrote:
> On 2009-12-31, unruh <un...@wormhole.physics.ubc.ca> wrote:
> > On 2009-12-31, Mikhail Zotov <invalid...@lenta.ru> wrote:
> >> On Wed, 16 Dec 2009 23:18:03 GMT
> >> unruh <un...@wormhole.physics.ubc.ca> wrote:
> >> ...
> >>> >>Tex font
> >>> >>generation wants all users to be able to generate the fonts, etc.
> >>
> >> AFAICT, both tetex and texlive are by default configured in such
> >> a way that fonts are created in each user's home directory.
>
> TeTeX is TeX Live now.
>
> > That depends on your distro.
>
> What distro? (just to make sure I've got it right)
Don't check a distro, check pathto/texmf/web2c/texmf.cnf
for the VARTEXFONTS variable.
--
Mikhail