rms@WHEATIES.AI.MIT.EDU (Richard Stallman) (11/15/88)
I do not believe it is a good thing to have security among the users of a computer system. If I were to distribute files that set the mode to something other than 777, I would in effect be promoting the practice that I do not approve of. Therefore, I don't do it.
jlevy@arisia.Xerox.COM (Jacob Levy) (11/17/88)
In article <8811142028.AA00709@sugar-bombs.ai.mit.edu> rms@WHEATIES.AI.MIT.EDU (Richard Stallman) writes:
>I do not believe it is a good thing to have security among the users
>of a computer system. If I were to distribute files that set the mode
>to something other than 777, I would in effect be promoting the practice
>that I do not approve of. Therefore, I don't do it.

Yes, but other systems may not subscribe to your beliefs. You're mixing two issues here: (a) the commendable desire to have free software like Gnu Emacs being in wide-spread use, and (b) your desire to eliminate security and protection. Shouldn't it be possible to use Gnu Emacs (i.e. contribute towards your (a) goal) without subscribing to your (b) goal?

Also, shouldn't you warn people about POSSIBLE security holes like the one mentioned, and others which (for all we know, we have not the time to read the code) are intentionally planted?

--Jacob Levy
mb@ttidca.TTI.COM (Michael Bloom) (11/17/88)
In article <8811142028.AA00709@sugar-bombs.ai.mit.edu>, rms@WHEATIES.AI.MIT.EDU (Richard Stallman) writes:
> I do not believe it is a good thing to have security among the users
> of a computer system. If I were to distribute files that set the mode
> to something other than 777, I would in effect be promoting the practice
> that I do not approve of. Therefore, I don't do it.

Perhaps then, the gnu emacs license should state that setting the mode to 0777 is required, and using any other setting will revoke that instance of the license.

Is the making of such policy decisions for sites using emacs in line with FSF's goals? If not, does it weaken FSF's message? I personally tend to think that it does, and that such installation site policy be left to the discretion of the site manager, not dictated by the makefile.

Likely 99.999% of sites installing emacs are turning off public write access following installation. At a single site, this is a trivial amount of time spent, but it is nonetheless extra work that is being performed at many thousands of sites.

I would like to suggest that either the "chmod" be removed, or the mode to use in it be settable in "config.h".
bob@allosaur.cis.ohio-state.edu (Bob Sutterfield) (11/18/88)
In article <447@arisia.Xerox.COM> jlevy@arisia.UUCP (Jacob Levy) writes:
>Shouldn't it be possible to use Gnu Emacs (i.e. contribute towards
>your (a) goal) without subscribing to your (b) goal ["eliminating
>security and protection" - jlevy]?

Sure, it's possible. Just modify the top-level Makefile to install things mode 755. You aren't required to install it on your system the way RMS installs it on his. I don't.

>Also, shouldn't you warn people about POSSIBLE security holes like
>the one mentioned,

I don't have time to read all the source that I install, but I certainly look over (at least) the install: targets in all the Makefiles. I don't think you could install Emacs on your own system, with your own local directory arrangement, without customizing (e.g.) LIBDIR and others. While you're in the file, look over the install: target as well. You'll see the mode-777 and can easily change it.

If a site wants to run free software and doesn't feel that they have sufficient technical resources to install and support it, they can always hire a consultant to do it for them.

>and others which (for all we know, we have not the time to read the
>code) are intentionally planted?

As with any free software you run on your system, you must trust the character and reputation of the author, and a netful of other experts to point out when the author has erred. When you pay for software, you trust a bunch of lawyers to protect you. Which would you prefer?
chase@Ozona.orc.olivetti.com (David Chase) (11/18/88)
In article <8811142028.AA00709@sugar-bombs.ai.mit.edu> rms@WHEATIES.AI.MIT.EDU (Richard Stallman) writes:
>I do not believe it is a good thing to have security among the users
>of a computer system. If I were to distribute files that set the mode
>to something other than 777, I would in effect be promoting the practice
>that I do not approve of. Therefore, I don't do it.

Even so, I think this should get a loud mention in the installation notes; you can choose not to do or promote things which you do not approve of, but other people (even system administrators) have the right to run their machines the way that they want to. System security is important enough to many people that you should at least point this out. To do otherwise would be sneaky. These people may choose not to run your software because of your decisions, but that is their choice and they have the right to the information they need to make that decision. (One might ask, "what else should we know about GNU emacs that we haven't been told yet?")

Another problem is that not everyone works in a computerized utopia in which there are no malicious users, no careless users, and no accidents. I understand that some people feel that malicious users are "produced" by heavy-handed system security, but I just don't believe it. Some of them, maybe; all, not a chance. If, for example, Robert Morris (Jr.) merely wanted to show that he could break in and could crack security, he could have done the research and published it somewhere (a letter to RISKS digest would have been entirely appropriate). I've also run across students whose idea of a good hack involved messing with other students' files, not breaking into the system. Since I can't identify these people until the damage is already done (and maybe not even then), I think a little system security is not a bad idea.

David
nate@mipos2.intel.com (Nate Hess) (11/24/88)
In article <3412@ttidca.TTI.COM>, mb@ttidca (Michael Bloom) writes:
> rms@WHEATIES.AI.MIT.EDU (Richard Stallman) writes:
> > I do not believe it is a good thing to have security among the users
> > of a computer system. If I were to distribute files that set the mode
> > to something other than 777, I would in effect be promoting the practice
> > that I do not approve of. Therefore, I don't do it.
>Perhaps then, the gnu emacs license should state that setting the mode to
>0777 is required, and using any other setting will revoke that instance of the
>license.

I don't get the impression that that's what RMS is saying, at all. He's not requiring that the emacs executable be 'chmod'ed to 777; rather he's saying that it would violate his ethical principles to distribute Emacs with anything other than protection bits of 777. Once you get your copy of the Emacs distribution, you're free to change the 777 to whatever you wish. RMS obviously can't "require" that you set the mode to anything.

>Is the making of such policy decisions for sites using emacs in line
>with FSF's goals? If not, does it weaken FSF's message?
>I personally tend to think that it does, and that such installation
>site policy be left to the discretion of the site manager, not
>dictated by the makefile.

Well, "installation site policy" *is* left up to the site manager; anyone installing software who doesn't read through the makefile they're going to be using before typing "make" will have Emacs installed with whatever conventions the creator of the makefile deemed correct/best. It's the installer's responsibility to double check and make sure that those conventions match his/her own.

>Likely 99.999% of sites installing emacs are turning off public write access
>following installation. At a single site, this is a trivial amount of time
>spent, but it is nonetheless extra work that is being performed at many
>thousands of sites.

It's no extra work at this site, since I don't use the top-level Makefile. If I was using it, however, you can bet I'd read through it, or at least do a "make -n", before running "make".

--woodstock
--
"What I like is when you're looking and thinking and looking and thinking...and suddenly you wake up." - Hobbes

woodstock@sc.intel.com ...!{decwrl|hplabs!oliveb|amd}!intelca!mipos3!nate
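
The pre-install check several posters describe (look over the install: target, or do a "make -n" first) can be automated. The following is an added example, not part of the original thread or of any Emacs Makefile: it scans dry-run output for chmod, install or mkdir commands whose octal mode grants write access to everyone. The function names, sample paths and sample commands are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag commands in "make -n" output that leave files world-writable.

# Reads dry-run command lines on stdin; prints each line whose chmod mode or
# "-m MODE" argument (install, mkdir) has the others-write bit (002) set.
flag_world_writable() {
    awk '
    # True when an octal mode such as 777 or 0666 grants write to "others".
    function others_write(mode,    last) {
        if (mode !~ /^[0-7][0-7][0-7][0-7]?$/) return 0
        last = substr(mode, length(mode), 1) + 0
        return (last == 2 || last == 3 || last == 6 || last == 7)
    }
    {
        for (i = 1; i <= NF; i++) {
            # chmod [-R] MODE file...
            if ($i == "chmod") {
                j = i + 1
                while (j <= NF && $j ~ /^-[A-Za-z]/) j++   # skip option flags
                if (others_write($j)) { print; next }
            }
            # install/mkdir with "-m MODE" or the attached form "-mMODE"
            if ($i == "-m" && others_write($(i + 1))) { print; next }
            if ($i ~ /^-m[0-7]+$/ && others_write(substr($i, 3))) { print; next }
        }
    }'
}

# Constructed sample of dry-run output (not taken from any real Makefile).
sample_dry_run() {
    cat <<'EOF'
mkdir /usr/local/example/lib
cp -r lisp etc /usr/local/example/lib
chmod -R 777 /usr/local/example/lib
install -c -m 755 src/example /usr/local/bin/example
install -c -m 0666 etc/DOC /usr/local/example/lib/DOC
chmod 644 /usr/local/example/lib/README
EOF
}

# Prints the two offending lines from the sample (the 777 and 0666 commands).
sample_dry_run | flag_world_writable
```

On a real source tree, pipe the output of "make -n install" into `flag_world_writable` instead of the sample; symbolic modes such as `a+w` are not covered by this check.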