Almost all of the library files in /usr/lib are writable by root. This allows buggy processes running as root to corrupt the library. These files do not need to be writable by root and should be 0444. I marked this critical as I have seen other systems severely disrupted by a corrupt libc.
watch out other distros, they have 06* or 07*
what about when portage overwrites the libraries during a merge? what about prelinking? doesn't that write to the libs? I'm not saying that it's good to have them writable but 1) root can write them regardless of permissions and 2) how will this affect our users and usability of gentoo?
For the very, very few applications that need to modify the libraries they can modify the permissions before and after modifying the file. The idea is to make it harder for buggy applications to accidentally corrupt the libraries. While this does not happen often, it does happen, and when libc is corrupt, tools like ls and less stop working. Ideally, a process attempting to modify these files without permission would be segfaulted and core dumped so that we could fix it. But for now, it should be relatively trivial to make these files 0444. A scenario more likely than a buggy application might be a buggy sysop who does an accidental paste. When attempting to overwrite a library, they will now get an error message.
In regards to how will it affect users and usability of gentoo: Users should not notice. Usability wise, the system should be useful more of the time as it will be corrupt less of the time. BTW, some libraries are already installed 0444 and while someone might have asked why, I doubt anyone ever complained. The alternative extreme is to have root simply ignore the write bit everywhere. Clearly wrong.
considering that many of our users don't even know what file permissions are it would be detrimental to the 'gentoo user experience'. considering that as of now prelinking is done manually (prelink -af) or whatever it would fail, the users can't be expected to change permissions, and then change them back.. portage could be made to change permissions automatically.. i just think it is a bad idea
(1) Changing permissions prior to and after modifying a library is the job of tools not end-users.
(2) If prelink does not currently handle and restore the permissions correctly then it is broken. On my system, the following libraries are already 0444 to no ill effect:
    -r--r--r-- 1 root root 5122 Dec 14 16:37 ./libcom_err.a
    -r--r--r-- 1 root root 29116 Dec 14 16:37 ./libe2p.a
    -r--r--r-- 1 root root 134502 Dec 14 16:37 ./libext2fs.a
    -r--r--r-- 1 root root 24818 Dec 14 16:37 ./libss.a
    -r--r--r-- 1 root root 1504284 Dec 15 13:43 ./libtiff.a
    -r--r--r-- 1 root root 12294 Dec 14 16:37 ./libuuid.a
(3) I thought the target for Gentoo was power users, not clueless newbies poking around system libraries as root. Even if the target was clueless newbies, it would be better to protect both the newbies and power users from accidental overwrites.
(4) "i just think it is a bad idea" - This is a conclusion not a valid argument. - I think the part the previous poster is missing or disagrees with is the point I made earlier: "Users should not notice."
----------------------------------------
nosferatu doc # echo bar > foo.txt
nosferatu doc # cat foo.txt
bar
nosferatu doc # chmod 0444 foo.txt
nosferatu doc # ls -l foo.txt
-r--r--r-- 1 root root 4 Jan 7 23:48 foo.txt
nosferatu doc # echo zoo > foo.txt
nosferatu doc # cat foo.txt
zoo
nosferatu doc # ls -l foo.txt
-r--r--r-- 1 root root 4 Jan 7 23:49 foo.txt
nosferatu doc # rm foo.txt
nosferatu doc # ls -l foo.txt
ls: foo.txt: No such file or directory
nosferatu doc #
-------------------------------------------
I am sorry, but I do not see the use. Default for root is not to worry about readonly permissions.
also, it has come up before ... we do target power users but that doesn't mean we'll leave 'clueless newbies' out ... and if a 'clueless newbie' overwrites/messes something up, they'll learn ... and if they don't, well they should ;)
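
An added example, not part of any comment in this thread: a small audit script for the two questions the discussion turns on, namely which library files still carry an owner write bit, and which 0444-style files the current user can write anyway (on Linux, root can via CAP_DAC_OVERRIDE, as the foo.txt session above shows). The function names are made up for this example.

```shell
#!/bin/sh
# Added example: audit write protection of library files under a directory.
# Function names are hypothetical; nothing here modifies any file.

# List regular files under $1 whose owner write bit is set,
# i.e. files that are not installed 0444/0555-style.
writable_libs() {
    find "$1" -type f -perm -200 -print | sort
}

# List regular files under $1 that have no write bit for anyone, yet pass
# the shell's writability test for the current user. For an ordinary user
# this list is empty; for root it normally contains every such file,
# because the mode bits are not enforced against root.
mode_bypassed() {
    find "$1" -type f ! -perm -200 ! -perm -020 ! -perm -002 -print |
    sort |
    while IFS= read -r f; do
        if [ -w "$f" ]; then
            printf '%s\n' "$f"
        fi
    done
}

# Stand-alone use: sh audit.sh /usr/lib
if [ "$#" -gt 0 ]; then
    echo "== owner-writable files =="
    writable_libs "$1"
    echo "== read-only by mode, still writable by uid $(id -u) =="
    mode_bypassed "$1"
fi
```

Run as root, the second list shows how much of the proposed 0444 protection depends on tools checking the mode themselves, since the kernel will not refuse the write.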