How to Solve Insecure World Writable Dir /Usr in Path,Mode 040777 Warning on Ruby

warning: Insecure world writable dir /usr/local/bin in PATH, mode 040777

You will need to have root access to do this. If you aren't already the administrative user, login as the administrator. Then use 'sudo' to change the permissions:

sudo chmod go-w /usr/local/bin

Obviously, that will mean you can no longer install material in /usr/local/bin except via 'sudo', but you probably shouldn't be doing that anyway.

How to solve Insecure world writable dir /usr in PATH,mode 040777 warning on Ruby?

Learn to read the error messages closely.

Insecure world writable dir /usr in PATH

Note it's not saying /usr/local.

To confirm this diagnosis, use

 ls -ld /usr
drwxrwxrwx 14 ownerID groupID 4096 Dec 10 2010 /usr
#-------^- is the world-writeable part

As you know, you can fix it with

 sudo chmod 755 /usr

Edit

Folks, See my scripted solution over here.

warning: Insecure world writable dir /usr in PATH, mode 040777

To eliminate this particular error, just execute

sudo chmod 755 /usr

But in general, world-writable /usr directory means there are problems in your system.

warning: Insecure world writable dir when I run a ruby or gem command

Just chmod go-w /opt/local/bin at a shell prompt (depending on permissions you may need to sudo to do that).

Insecure world writable dir /Users/username in PATH, mode 040777 when running Ruby commands

Your home folder should only be writable by you, not by anyone else. The reason gem is complaining about this is that you have folders in your PATH that are inside your (insecure) home folder, and that means that anyone who wants to could hack you by renaming/moving your .rvm folder and replacing it with an impostor.

To fix your home folder, run chmod go-w /Users/kristoffer. If there are any other insecure folders on the way to anything in your PATH, you should fix them similarly.

BTW, the reason that Disk Utility didn't repair this is that it only repairs files installed as part of the OS (see Apple's KB article on the subject). There is an option to repair home folder permissions if you boot from the install DVD and run Password Reset from the Utilities menu, but I'm not sure if it resets the permissions themselves or just ownership.

Getting the warning Insecure world writable dir /home/chance in PATH, mode 040777 for rails and gem

If you tried sudo chmod go-w /usr/local/bin from the other answer, try:

chmod go-w /home/chance

instead.

What seems to have happened is that somehow your home directory (/home/chance) has been added to your $PATH (the list of directories the OS searches when trying to find an executable to launch) and has also had its permissions changed so that anyone can write to it. This is potential a security problem, as another user could put an executable into this directory which you could accidentally launch. Ruby notices this and issues the warning.

This command changes the permissions of the directory so that it is no longer world writable.

In unix, file permissions are specified for three categories, the file owner (user), the group of the file (group), and everyone else (other). (See Google for more on unix file permissions).

So breaking down the command above:

chmod - change the 'mode' of the file (i.e. its permissions)

go - for group(g) and others(o)

-w - (minus w) remove write permission

/home/chance - the file (or directory) in question

In the other answer the directory that was causing the problem was /usr/local/bin, which is owned by root so sudo is required to change permissions on it. /home/chance is your home directory which is owned by the chance user who can change permissions on it - no sudo required.

Insecure world writable dir /usr/local in PATH when trying to install Rails 3.0.3

You need to secure that directory before the install. Use:

chmod o-w /usr/local

to do this. If that doesn't work, the you probably need to be root (or otherwise suitably empowered) so you can try:

sudo chmod o-w /usr/local

and enter your password.

I've seen this sort of thing before on some software which really wants things set up in a certain way to ensure that its assumptions are met. In any case, it's actually a bad idea to have world writable directories except when you know security on them is not a big deal.

/usr/local is important enough that you shouldn't allow anyone to write to it.

warning: Insecure world writable dir

This is a warning that your home directory is writeable to by anyone in your group plus anyone else at all (i.e. world). The 777 at the end of the mode is indicating the directory is writable by all of yourself (owner), the group plus world. Normally it should end with 755 or 750 depending on how open you want your home directory to be.

It is not going to stop anything working but it's a legitimate warning as you really don't want your home directory open like this.

Easiest way to fix it is to execute command such as:

chmod go-w /home/nazar

which will remove write permission for group and others (world).



Related Topics



Leave a reply



Submit