Saturday, February 27, 2010

Computer security scare

When I was at a friends house last weekend working on an iPhone project, I had a big computer security scare. We'd reached a point where I wanted to transfer a build over him so he could play around with it, so I put the build in my network share folder. When he browsed to my computer though, instead of just seeing my read-only drop box, he saw my entire programming directory with ~10 projects in it...and he had read/write access to it! Let me say that again, my main development folder had read/write access privs set for everyone, essentially it was a shared public folder

Now this is a pretty stupid thing to set, and what makes me kick myself even more is I'd set this many many times, not knowing the implications of what I was doing. I'd exposed my precious data to anyone to read or even modify. This was especially scary because I like working at coffee shops, so I was very lucky some bored, tech-savvy person didn't go and delete the projects I'd spent hours or days on.

In case you're wondering why I'd set public read/write privs on a folder that's so important, the answer is it was a workflow I was using for development. I had to share symlinks between my OS X and WinXP installations (I run WinXP through a virtual machine). There are some nuances regarding sharing symlinks between these two OS's (I don't recall the exact issue), but a workaround I found was to, among other things, publically share my dev folder. What really kills me though, is I found a better workflow several months ago that didn't require symlinks at all.

Moral of the story, make sure your important data directories aren't set to be shared publicly :)

No comments:

Post a Comment