Article:
  Ten Things I Dig About Panther
Subject:   Access rights on some files
Date:   2003-10-11 02:23:34
From:   anonymous2
I noticed two security flaws in Jaguar and would like to know if they are corrected in Panther.
- If you use the finder to duplicate a folder (Cmd-D) the copy is world-writable. It should have the same access rights as the original.
- When you print a file and you choose to make a preview, the resulting PDF file is world readable in a public directory in /tmp/printing.xxx.
Full Threads Newest First

Showing messages 1 through 2 of 2.

  • James Duncan Davidson photo Access rights on some files
    2003-10-11 10:19:24  James Duncan Davidson | O'Reilly AuthorO'Reilly Blogger [View]

    That isn't part of the information currently available on the Apple.com webiste. Ask those questions again after the system has been released.
  • Access rights on some files
    2003-10-19 07:46:45  anonymous2 [View]

    I'll address the first part of this post. The duplicating of a folder does result in world-writable permissions, bt my question is- where are you duplicating folders? I would suspect that most user's may duplicate a folder somewhere within their home directory, say the Desktop or Documents folder (where the user's files and folders should be kept for security reasons anyway). The duplicated file or folder may have world-writable permissions, but the enclosing folders do not. So the files would be protected.

    With regard to the second question of your post, how long does the temp file remain? I agree that the best way to create a temp file would be to make it somewhere in the user's home/library/tmp folder (or something like that), but I suspect that the temp file is deleted shortly after it's creation. I have previewed PDF's in the past, but my /tmp directory has no printing.xxx files curenty in it.