> Bob Walker wrote:
> > Make sure if you create /usr/local it has security 777.
>
> No! No! No!  Run away!  Run away!  Run away!
[snip]
> It's little quirks like this that cause many Un*x security problems.
>
> For MANAGER.SYS especially, and other users in general, I would
> strongly
> suggest that you set umask = 077 in /etc/profile or ~/.profile.  This
> results in all your files being created which only you have access to
> *unless* you specify otherwise with a chmod.
[snip]
> Jeff Kell <[log in to unmask]>
>

In our real Unix world (HP-UX 10.x), we default the umask for all users
to 077 to protect privacy for clueless Unix users. There has been a
curious side effect of this policy. Many commercial 3rd party (including
at least one well known database vendor) software install programs just
fall over and die. We had one vendor trying to setup a demo for us that
worked all afternoon without success while his sales rep tried to
distract us. So, it seems that even otherwise "cluefull" Unix
programmers don't have a clue about security management in
installations, so why should we suppose they do in other parts of their
code?

By the way, so far as I know, none of the vendors with problem
installation programs are in the HP3000 market.

Richard Gambrell