change to vncpasswd requested

Boyce, David David.Boyce "at"
Thu, 01 Oct 1998 17:34:40 +0000

> > > > > Yes, I agree; but is somebody who runs "chmod -R a+r $HOME"
> > > > > "explicitly taking responsibility" for exposing his/her
> password?
> > > > 
> > > > absolutely.  Don't change the permission on *any* file you don't
> understand.
> > > > Ever.
> > > 
> > > i agree, but most users aren't conditioned to be as careful with
> file
> > > permissions (particularly read permissions).  they don't expect
> that
> > > changing the read permissions of their home directory would allow
> > > someone to compromise their account, and in general, it wouldn't.
> the
> > > conditioning isn't there because in most cases it doesn't have to
> be.
> > 
> > .rhosts is famous.  .forward is famous.  True, they don't normally
> > get affected unless you try really hard...but still, it's not like
> > this is without precedent.  I'm fairly low on sympathy for someone
> > who opens permissions on a file and is then surprised that someone
> > else has more access to their private's a direct match.
> But this is a case of opening up read access on a file and giving
> somebody else write access to my private stuff...not a direct match at
> all.
Let's not forget the original situation: there's nothing in VNC that
refuses to *use* a password file whose permissions have been opened up
from 600. So if a user inadvertently did so via a "chmod -R a+r $HOME"
as above, his/her VNC passwd would be compromised. The only thing VNC
does about it is to silently change the permissions back when (or if)
the password is subsequently changed. Thus I would argue that in the
interest of consistency VNC ought to be modified in one of two ways:
either don't make this silent change (my original request) or failing
that, refuse to open a password file with modified permissions. Some
Unix implementations (AIX?) require a .rhosts file to be mode 600 before
opening it, so there is a precedent here.

-David Boyce

The VNC mailing list     -   see