On Sat, Feb 18, 2006, Oron Peled wrote about "Re: Helping Linux move into business: FireFox vs. IE": > On Saturday, 18 �February 2006 02:24, Oleg Goldshmidt wrote: > > ... Why on earth does the bookmarks file > > have world execute (or read, for that matter) access? > > ... > > -rwxr-xr-x 1 oleg users 182626 Jan 16 16:06 bookmarks.html > > What is your umask? Maybe you simply have umask of 022 (very > common case). > > If you are more restrictive by default, than simply set a umask > of 027 (or 077 if you want a "nobody but me" defaults).
It is traditional in the Unix world that while ordinary files are indeed created with the umask, when security or privacy issues are involved, applications specificially set the permissions on files or directories they create to be more restrictive than your umask. It doesn't make much sense for your .mozilla directory to be world-readable for eternity just because your umask was permissive at the time you first ran "firefox" (normally, this would be one minute after you installed the system, and didn't even configure anything properly). Some programs even goes a step further, and warns you (or even refuses to run) if their configuration files are writable (or even readable) by others. I'm not suggesting that Mozilla should do it, but it should definitely not create such files on its own. If a user wants to share these files, let him do this explicitly. Why would he want that, by the way? Mozilla has no built-in way to read someone else's configuration or bookmarks, so what legitimate reason can you have for wanting to read someone else's .mozilla directory? -- Nadav Har'El | Sunday, Feb 19 2006, 21 Shevat 5766 [EMAIL PROTECTED] |----------------------------------------- Phone +972-523-790466, ICQ 13349191 |Share your knowledge. It's a way to http://nadav.harel.org.il |achieve immortality. ================================================================= To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
