Insecure world writable dir /Users/username in PATH, mode 040777 when running Ruby commands
Your home folder should only be writable by you, not by anyone else. The reason gem is complaining about this is that you have folders in your PATH that are inside your (insecure) home folder, and that means that anyone who wants to could hack you by renaming/moving your .rvm folder and replacing it with an impostor.
To fix your home folder, run chmod go-w /Users/kristoffer
. If there are any other insecure folders on the way to anything in your PATH, you should fix them similarly.
BTW, the reason that Disk Utility didn't repair this is that it only repairs files installed as part of the OS (see Apple's KB article on the subject). There is an option to repair home folder permissions if you boot from the install DVD and run Password Reset from the Utilities menu, but I'm not sure if it resets the permissions themselves or just ownership.
warning: Insecure world writable dir /usr in PATH, mode 040777
To eliminate this particular error, just execute
sudo chmod 755 /usr
But in general, world-writable /usr
directory means there are problems in your system.
How to solve Insecure world writable dir /usr in PATH,mode 040777 warning on Ruby?
Learn to read the error messages closely.
Insecure world writable dir /usr in PATH
Note it's not saying /usr/local
.
To confirm this diagnosis, use
ls -ld /usr
drwxrwxrwx 14 ownerID groupID 4096 Dec 10 2010 /usr
#-------^- is the world-writeable part
As you know, you can fix it with
sudo chmod 755 /usr
Edit
Folks, See my scripted solution over here.
warning: Insecure world writable dir when I run a ruby or gem command
Just chmod go-w /opt/local/bin
at a shell prompt (depending on permissions you may need to sudo
to do that).
warning: Insecure world writable dir /usr/local/bin in PATH, mode 040777
You will need to have root access to do this. If you aren't already the administrative user, login as the administrator. Then use 'sudo' to change the permissions:
sudo chmod go-w /usr/local/bin
Obviously, that will mean you can no longer install material in /usr/local/bin except via 'sudo', but you probably shouldn't be doing that anyway.
Suppress warning Insecure world writable dir /some/dir/
I could not find a way to globally disable the "Insecure world writable dir" warning.
Another answer suggests replacing the ruby executable with a shell script or to recompile ruby with different options. Both options are difficult and could lead to other unexpected problems, in my opinion.
However, I found a way to disable the warning for individual scripts/gems:
In my case, I use the gem colorls
to generate a nicer ls
output. So far, this gem is the only one the frequently triggers the warning. I solved it, by adding the following alias to my .zshrc
file (or .bash_profile
)
Solution 1
# Inside .zshrc
alias colorls='colorls --color=always 2>/dev/null'
The important part is the error redirection 2>/dev/null
.
Good: This alias allows me to add custom parameters to the command, like colorls --report
Bad: This alias will mask any error or warning that the command produces. I want to specifically remove the "Insecure world writable dir" warning.
Solution 2
# Inside .zshrc
alias colorls='colorls --color=always 2>&1 | grep "warning: Insecure world writable dir" -v'
Good: Instead of redirecting all errors to /dev/null
, my second attempt redirects all output to grep
, which strips out the individual warning message.
Bad: That solution does not recognize any colorls
parameters; any parameter will be passed to grep
instead of colorls
...
Solution 3 (best)
# Inside .zshrc
colorls() {
/usr/bin/colorls --color=always $@ 2>&1 | grep "warning: Insecure world writable dir" -v
}
This is the best solution: We replace the colorls
binary with a shell function. That shell function calls the binary. The $@
variable passes all parameters to the binary, while grep
removes the specific warning from the output.
Getting the warning Insecure world writable dir /home/chance in PATH, mode 040777 for rails and gem
If you tried sudo chmod go-w /usr/local/bin
from the other answer, try:
chmod go-w /home/chance
instead.
What seems to have happened is that somehow your home directory (/home/chance
) has been added to your $PATH
(the list of directories the OS searches when trying to find an executable to launch) and has also had its permissions changed so that anyone can write to it. This is potential a security problem, as another user could put an executable into this directory which you could accidentally launch. Ruby notices this and issues the warning.
This command changes the permissions of the directory so that it is no longer world writable.
In unix, file permissions are specified for three categories, the file owner (user), the group of the file (group), and everyone else (other). (See Google for more on unix file permissions).
So breaking down the command above:
chmod
- change the 'mode' of the file (i.e. its permissions)
go
- for group(g) and others(o)
-w
- (minus w) remove write permission
/home/chance
- the file (or directory) in question
In the other answer the directory that was causing the problem was /usr/local/bin
, which is owned by root so sudo
is required to change permissions on it. /home/chance
is your home directory which is owned by the chance
user who can change permissions on it - no sudo
required.
warning: Insecure world writable dir
This is a warning that your home directory is writeable to by anyone in your group plus anyone else at all (i.e. world). The 777
at the end of the mode is indicating the directory is writable by all of yourself (owner), the group plus world. Normally it should end with 755
or 750
depending on how open you want your home directory to be.
It is not going to stop anything working but it's a legitimate warning as you really don't want your home directory open like this.
Easiest way to fix it is to execute command such as:
chmod go-w /home/nazar
which will remove write permission for group and others (world).
Insecure world writable dir /usr/local in PATH when trying to install Rails 3.0.3
You need to secure that directory before the install. Use:
chmod o-w /usr/local
to do this. If that doesn't work, the you probably need to be root
(or otherwise suitably empowered) so you can try:
sudo chmod o-w /usr/local
and enter your password.
I've seen this sort of thing before on some software which really wants things set up in a certain way to ensure that its assumptions are met. In any case, it's actually a bad idea to have world writable directories except when you know security on them is not a big deal.
/usr/local
is important enough that you shouldn't allow anyone to write to it.
Erroneous Insecure world writable dir foo in PATH when running ruby script
You could shut off all warnings with
> ruby -W0 ...
But that may hide other issues. and you did say you want only that specific warning hidden, and I don't think there is a way to do it other than fix the issue, which I think is due to the NFS mount not properly relaying the actual mask. I see this when I mount a non-linux server on linux with NFS.
Like a snao server or something that does not support unix style attributes.
Also as the error is reporting that it doesn't like the world writable directory in the path, could you remove it from the path, and use a prefix to access anything in that directory?
EDIT...
Another idea is to filter the output of your ruby script with something like...
> ruby ... | egrep -v "warning: Insecure world writable dir"
That would print any output other (the -v) than the specific warning.
However the warning is a security warning, it is a bad idea to have a world writable directory in your path as anyone can put a malicious script or executable in there. And it is equally bad to have a mounted bin directory especially one you have no control over in your PATH. In this case the issue has nothing to do with whether the directory is writable or not, it is the fact there is a foreign directory in your PATH.
Good practices would dictate that you take that mounted directory out of your PATH and the warning will go away. If you need to execute something that is in that directory, then explicitly provide the full path to the script or executable.
This is not really a Ruby issue but a security issue.
Related Topics
Finding If a Sentence Contains a Specific Phrase in Ruby
Check If an Array Is Subset of Another Array in Ruby
Interpretation as a Local Variable Overrides Method Name
Rails 3.1 - Has_And_Belongs_To_Many Deprecated
Sinatra Clears Session on Post
Why Is Gets Throwing an Error When Arguments Are Passed to My Ruby Script
Heroku App Crash H10 - Bash: Bin/Rails: No Such File or Directory
Converting a Hexadecimal Digest to Base64 in Ruby
Rvm Does Not Install Ruby 1.9.2 on Snow Leopard: 'Error Running 'Make '
Dry Way to Assign Hash Values to an Object
How to Track the Execution Process of Ruby Program
Decrypting Salted Aes File Generated on Command Line with Ruby
Difference Between Integer(Value) and Value.To_I
Rspec --Init Not Working/ 'Mkd Ir': Invalid Argument - ./C: (Errno::Einval)