[ut2003io] Updater makes files world-writable

Ian Hastie ianh at ordinal.freeserve.co.uk
Wed Nov 20 20:12:22 EST 2002

Matthew Arnold wrote:

> I was perusing my /var/log/messages and saw a bunch of warnings about 
> a number of files being world-writable. It seems that every file the 
> UT2K3 updater touches gets its permissions changed to 777. I don't 
> know how much of a security threat this is, but it probably isn't A 
> Good Thing.

After receiving this warning I checked and can definitely say it didn't 
happen here.  Seems odd that it would make them all 777 too.  umask 
problem perhaps?

As to the security threat.  Well you never run UT2k3 as root do you? 
 Apart from that you'd need full user access to the system in order to 
modify the file and that wouldn't really get you anything extra.  I know 
this isn't always the case, but it's a lot harder to do otherwise.  Even 
so it definitley isn't a Good Thing!


More information about the ut2003 mailing list