[TxMt] Re: Just a thought...

[Allan Odgaard]

On 18 Dec 2011, at 09:06, Phil Dobbin wrote:

>> Ruby is complaining about /usr/local, not the folders you mention.
> […] are you saying that Ruby is complaining about /usr/local regardless?

This is the error you quoted: “Insecure world writable dir /usr/local in PATH”.

What this means is:

 1. The folder ‘/usr/local’ is “world writable”. This means that any user on your system (incl. guest) can write to that folder.
 2. The folder ‘/usr/local’ is in your PATH. This means that when you e.g. type ‘ls’ in a terminal, the system will look for ‘ls’ in ‘/usr/local’.
 3. This is insecure because say I get access to your machine (e.g. guest accont login) I can put a script called ‘ls’ which will then be called (later) by a more trusted user, and so I can bootstrap the attack from a simple guest-login to root.

To fix this you do one of the following:

 - Run this line in terminal: sudo chmod go-w /usr/local
 - Remove ‘/usr/local’ from your PATH.

I hope this clears up your confusion.