jspear@BLACKBIRD.AFIT.AF.MIL (Jon L. Spear) (11/14/88)
GNUrus, The build-install script included with the 18.52 distribution has as its last line: chmod 777 $BIN/{ctags,etags,emacs} Left unchanged, this allows any user on the system to modify these executables, possibly turning them into trojan horses. I would think that this should be changed to "chmod 755", and I have done this with my copies. Unless I'm missing something obvious, this would appear to be a serious security problem, especially if users with root permission ever run Emacs -- they could be running most anything before they realize it. There might have been a warning about this on comp.emacs many months ago (our messages only go back a couple weeks so I can't check), but that isn't enough (and perhaps a (new) warning should be posted). Sure, many people will notice this problem and make the trivial change, but there are probably many who will not. Think of the extra publicity if the Loud Internet Worm had planted eggs in every unprotected GNU executable it had found. -Jon -- ---- random rumors from Jon Spear, comp eng student | With computers we can make a jspear@blackbird.afit.af.mil or @afit-ab.arpa | billion mistakes every second.