Slash Boxes
NOTE: use Perl; is on undef hiatus. You can read content, but you can't post it. More info will be forthcoming forthcomingly.

All the Perl that's Practical to Extract and Report

The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
More | Login | Reply
Loading... please wait.
  • The reason why world writable directories are a security breach is this: if the target system is a multiuser system, then any user gets write access to a disk area that was never intended to be usable for anybody but the owner. Just see this as opening an otherwise protected disk area to a third party. By allowing a third party to usurp a directory you open a system for all sorts of breaches including the removal and addition of files.

    So letting directories be world writable must be a conscious decision of a user, not something that you let him create accidentally, and we as the community must protect him from falling into such traps.

    Thanks for your findings on the Archive::Tar directory issue!