-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 12/16/06 21:17, Marc Shapiro wrote: > David Jardine wrote: >> On Sat, Dec 16, 2006 at 12:27:48PM -0800, Marc Shapiro wrote: >> >> >> >>> Yes, but there are actually quite a few hidden configuration >>> directories that are set with permissions of 700. I can see that >>> this prevents anyone else from viewing your configs, but I don't see >>> a danger in that (viewing, but not changing). I could just change >>> all of them from 700 to 755. Then updatedb would find them all and >>> locate will actually get everything, until the next time that some >>> program creates its config directory with a 700 permission. >>> >> >> You might find that some programs (fetchmail is an example I can think >> of) refuse to run if permissions on the config files are not strict >> enough. >> > This is why I would prefer to simply change updatedb.conf so that > updatedb runs as 'root' instead of as 'nobody'. If no one can give me a > good reason not to, then that is what I will do.
Security rule #2 : Don't run as root unless you *really* need to, like touch the h/w. Otherwise, use groups. Instead of having slocate run as root, find out why ~/.mozilla/ is set to 700. BTW, mine is set to 700 also. Probably because of passwords. - -- Ron Johnson, Jr. Jefferson LA USA Is "common sense" really valid? For example, it is "common sense" to white-power racists that whites are superior to blacks, and that those with brown skins are mud people. However, that "common sense" is obviously wrong. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFFhVJHS9HxQb37XmcRAiLbAJ0Tr8iB3VuaO34+gl74ASvdZUqolACgoue0 NQyYmWMMRXXFxAwK9xA0G4g= =KRGc -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
