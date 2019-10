> там 777 чтоль было?

" Until now, /var/guix/profiles/per-user was world-writable [...] "

--https://guix.gnu.org/blog/2019/insecure-permissions-on-profile-directory-cve-2

" This issue was initially reported by Michael Orlitzky for Nix (CVE-2019-17365). "

==

"

its parent directory. That parent directory is shared by all users on

the system, and as a result, is world-writable (so that everyone can

create his own subdirectory thereof). This is enforced by the

installation script scripts/install-multi-user.sh...

_sudo "to make the basic directory structure of Nix (part 2)" \

mkdir -pv -m 1777 /nix/var/nix/{gcroots,profiles}/per-user

" --https://www.openwall.com/lists/oss-security/2019/10/09/4