[nSLUG] 711 permissions for /?

George N. White III gnwiii at gmail.com
Sun Mar 1 14:58:56 AST 2009


A TeX administrator reported a problem on an RHEL system.   Some of
the scripts used to manage TeX have:

{ cd / && rm -rf "$tmpdir"; }

$tmpdir is a scratch directory created by the script.  The reasoning
is that you need to ensure
that the current directory is not under tmpdir, and "/" is the one
place you can count on.  The
problem comes because many sites have a TeX administrator who "owns"
the files in some
TeX install directory.   The problem scripts have been in use for many years.

On the RHEL system in question:

~> ls -ld /
drwx--x--x  ... /

The TeX administrator doesn't know why this was done, but I assume it
is for security (just as
having TeX admin done by a regular user is done for security).

1) Has anybody seen a discussion of using 711 permissions for "/"?

2) What other recipes are recommended?  "cd $HOME" can't be used because some
"admin" accounts may not have a $HOME.

-- 
George N. White III <aa056 at chebucto.ns.ca>
Head of St. Margarets Bay, Nova Scotia



More information about the nSLUG mailing list