peter@hp-pcd.UUCP (01/30/84)
According to Berkeley documentation, HIER(7), /usr/preserve is the directory where editor temporaries are preserved after crashes or hangups. As distributed on 4.1, it comes with "drwxr-xr-x root" permissions. A question has come up if this shouldn't really be writable to everyone. The directory certainly looks harmless enough. Does anyone know of a reason why it shouldn't be opened up for all accesses? Are there any security holes created by doing so? Alternatively, should it work as it stands? We have been having some problems with EMACS after stopping and resuming that point to this directory. Thanks for any information, Peter Robinson Hewlett-Packard PCD Corvallis, OR {ucbvax!hplabs,harpo,ogcvax}!hp-pcd!peter
Lepreau@UTAH-20.ARPA (02/02/84)
From: Jay Lepreau <Lepreau@UTAH-20.ARPA> I looked into this awhile ago, and it appeared to me that as ex.recover and preserve are written, making /usr/preserve 777 would open up a hole. Those programs should work, at least in 4.2, with it 755 (they are setuid). Have CCA emacs put its files somewhere else, say /usr/tmp. No guarantees above is correct, I only took a quick look. {hplabs,harpo}!utah-cs!lepreau -------