change to vncpasswd requested

Carl R. Witty cwitty "at"
Thu, 01 Oct 1998 05:08:26 +0000

Dan Mick <dan.mick "at" West.Sun.COM> writes:

> > > > Yes, I agree; but is somebody who runs "chmod -R a+r $HOME"
> > > > "explicitly taking responsibility" for exposing his/her password?
> > > 
> > > absolutely.  Don't change the permission on *any* file you don't understand.
> > > Ever.
> > 
> > i agree, but most users aren't conditioned to be as careful with file
> > permissions (particularly read permissions).  they don't expect that
> > changing the read permissions of their home directory would allow
> > someone to compromise their account, and in general, it wouldn't.  the
> > conditioning isn't there because in most cases it doesn't have to be.
> .rhosts is famous.  .forward is famous.  True, they don't normally
> get affected unless you try really hard...but still, it's not like
> this is without precedent.  I'm fairly low on sympathy for someone
> who opens permissions on a file and is then surprised that someone
> else has more access to their private's a direct match.

But this is a case of opening up read access on a file and giving
somebody else write access to my private stuff...not a direct match at

Carl Witty
cwitty "at"

The VNC mailing list     -   see