Home » Ruby » Insecure world writable dir /Users/username in PATH, mode 040777 when running Ruby commands

Insecure world writable dir /Users/username in PATH, mode 040777 when running Ruby commands

Posted by: admin November 30, 2017 Leave a comment

Questions:

When I run Ruby commands like gem -v I get this error:

/Users/kristoffer/.rvm/rubies/ruby-1.9.2-p180/bin/gem:4:
warning: Insecure world writable dir
/Users/kristoffer in PATH, mode 040777

1.6.2

First of all I don’t understand what this means. /Users/kristoffer is not in my path according to echo $PATH. The result of echo $PATH is:

/Users/kristoffer/.rvm/gems/ruby-1.9.2-p180/bin:/Users/kristoffer/.rvm/gems/[email protected]/bin:/Users/kristoffer/.rvm/rubies/ruby-1.9.2-p180/bin:/Users/kristoffer/.rvm/bin:/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin:/usr/X11/bin

As you can see, the PATH is pretty clean. Just the default path + what RVM added.

I’ve seen the other posts similar to this where the recommended way to solve the issue is to run chmod go-w path/to/folder

However, I’m pretty sure that it’s a bad idea to make my Home folder non-writeable, right? I’ve repaired permissions using Disk Utility and it didn’t find anything wrong with the permissions on my Home folder.

Any idea of what the problem is and how I can fix it?

Answers:

Your home folder should only be writable by you, not by anyone else. The reason gem is complaining about this is that you have folders in your PATH that are inside your (insecure) home folder, and that means that anyone who wants to could hack you by renaming/moving your .rvm folder and replacing it with an impostor.

To fix your home folder, run chmod go-w /Users/kristoffer. If there are any other insecure folders on the way to anything in your PATH, you should fix them similarly.

BTW, the reason that Disk Utility didn’t repair this is that it only repairs files installed as part of the OS (see Apple’s KB article on the subject). There is an option to repair home folder permissions if you boot from the install DVD and run Password Reset from the Utilities menu, but I’m not sure if it resets the permissions themselves or just ownership.

Questions:
Answers:

I kept getting this in my prompt.

enter image description here

I couldn’t get it quite right with my command prompt but this ended up working.

enter image description here

Questions:
Answers:

Recently this just happened to me and it has to do with a bug in upgrading to Mac OSX 10.9.3. Looks like the upgrade changes the permissons to the User folder. Here’s an explanation and a fix:

http://derflounder.wordpress.com/2014/05/16/users-folder-being-hidden-with-itunes-11-2-installed-and-find-my-mac-enabled/

Questions:
Answers:
chmod 755 /Users/<username>

Should fix the problem…

Questions:
Answers:

it says that the directory Users/username is insecure, you can fix that by running
sudo chmod go-w Users/username

Questions:
Answers:

I found a solution. Like user2952657, I got this warning with vagrant up after upgrading to OSX 10.9.3. Updating iTunes to 11.2.1 was all I needed to do to get the warning to stop.