[nSLUG] 711 permissions for /?

Daniel Morrison draker at gmail.com
Sun Mar 1 17:35:59 AST 2009


Hi,

711 permissions on "/" sounds like an attempt at "security through
obscurity"... but in any case, what is the problem, exactly?

Why wouldn't

2009/3/1 George N. White III <gnwiii at gmail.com>:
> { cd / && rm -rf "$tmpdir"; }

work as expected?

> $tmpdir is a scratch directory created by the script.  The reasoning
> is that you need to ensure
> that the current directory is not under tmpdir

Why?

~$ mkdir -p /tmp/mytext/test
~$ cd /tmp/mytext/test
/tmp/mytext/test$ rm -rf /tmp/mytext
/tmp/mytext/test$ ls -la
total 0
/tmp/mytext/test$ cd
~$ cd -
-bash: cd: /tmp/mytext/test: No such file or directory

(if anyone wonders what 'mytext' is: since we're talking about a TeX
install, I tried to write 'mytex', and my fingers autocompleted :)

> 1) Has anybody seen a discussion of using 711 permissions for "/"?

No... I looked in the Linux Filesystem Hierarchy Standard, but it
doesn't seem to specify permissions for "/" (but maybe I didn't look
hard enough).

> 2) What other recipes are recommended?  "cd $HOME" can't be used because some
> "admin" accounts may not have a $HOME.

How about "cd /tmp/" ?

-D.



More information about the nSLUG mailing list