WG15 Defect Report Ref: 9945-2-38
Topic: ex - extended desciption

This is an approved interpretation of 9945-2:1993.


Last update: 1997-05-20



	Relevant Sections:	5.10.7
	Classification:  defect

Defect Report:

Reference: Page 519, Section 5.10.7, "Extended Description"

The specification that ``no .exrc file shall be read unless
it is owned by the same user ID as the effective user ID of
the process'' is necessary but not sufficient.  To keep the
.exrc files from being a security problem, the file should
not be read if it is writeable by anyone other than the owner.

(Keith Bostic)

WG15 response for 9945-2:1993 

The standard states the required behavior and
conforming implementations shall conform to this.

Concerns about the wording of this part of the standard have
been forwarded to the sponsor.
Rationale for Interpretation:

Interpretations cannot make substantive changes to the standard.
This may be considered for a future revision.