According to Chris G. Demetriou:
>
>> 	After updating the system name/version in /etc/motd, rc.local
>> 	proceeds to make it world writable.
>
>that's a feature, not a bug.  It was shipped that way from UCB, and
>it seems rational to me.
>
>There's a reason it's in rc.local.
>

Ummm what is the reason?  I know that Sun ship their system the same
way - I changed rc.local to make the motd mode 644.  Yeah sure, I know
the reasons about putting informative messages into the motd *BUT* it
does open you up to idiots putting "the sysadmin sux" type messages in
motd or, worse, the basis for a denial of service attack by putting
some escape sequence in there.

Considering the stance on security in the rest of the system then a
world writable motd seems a bit of an anachronism.  How about making
it 644 by default and putting a comment in the rc.local telling people
how to change it if they want the file world writable?

-- 
Brett Lymn, Computer Systems Administrator, AWA Defence Industries
===============================================================================
"Where a calculator on the ENIAC is equipped with 18,000 vacuum tubes
and weighs 30 tons, computers in the future may have only 1,000 vacuum
tubes and perhaps weigh 1 1/2 tons."
                -- Popular Mechanics, March 1949

------------------------------------------------------------------------------