On 02/19/2016 06:52 PM, Sebastian Nielsen wrote: > > 2: Its just a habit, everytime some process complains of not able to > access a file, "666" is the universal solution. Of course, this isn't > recommended in a web hosting setup, but if you're hosting for example > a mail server for a company, and only you as a sysadmin has shell > access to the server, its no danger 666'ing files that throw > permission errors. Then the file isn't really "world writable", since > only you have a account on the server anyways. >
There are two problems with this. First, you are never the only user in /etc/passwd. Those other accounts belong to services potentially acting on behalf of other people, and now they can overwrite your files. But more importantly: when you need to add a second shell account for an intern five years from now, did you keep track of every single file that you changed to mode 666? Whoops, your intern has root.
