Subject: Re: misc/3763: security doesn't check /etc/profile
To: None <firstname.lastname@example.org>
From: Andrew Brown <email@example.com>
Date: 06/18/1997 17:52:32
>>Synopsis: /etc/security doesn't check /etc/profile
>The /etc/security script, which checks umask values for root, checks
>/etc/csh.login, /etc/csh.cshrc, /root/.login, and /root/.cshrc for the
>C shell. For the Bourne shell, however, it only checks
>/root/.profile, when /etc/profile should also be checked.
i've often wondered about the ass-backwards way that umasks are
checked in these shell startup files...
wouldn't it be much better to do something akin to
if [ `sh -c 'umask 777 ; . /etc/profile ; umask'` = 777]; then
echo /etc/profile doesn't set root umask
if [ `csh -c 'umask 777 ; source /etc/csh.cshrc ; umask'` = 777]; then
echo /etc/csh.cshrc doesn't set root umask
to find out authoritatively whether or not they set it? this is, of
course, assuming they don't run any nasty programs...
|-----< "CODE WARRIOR" >-----|
firstname.lastname@example.org (TheMan) * "ah! i see you have the internet
email@example.com that goes *ping*!"
firstname.lastname@example.org * "information is power -- share the wealth."