From owner-freebsd-questions@FreeBSD.ORG Fri Jun 28 13:35:00 2013 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by hub.freebsd.org (Postfix) with ESMTP id A73103D3 for ; Fri, 28 Jun 2013 13:35:00 +0000 (UTC) (envelope-from freebsd@edvax.de) Received: from mx02.qsc.de (mx02.qsc.de [213.148.130.14]) by mx1.freebsd.org (Postfix) with ESMTP id 71E2219D9 for ; Fri, 28 Jun 2013 13:35:00 +0000 (UTC) Received: from r56.edvax.de (port-92-195-59-16.dynamic.qsc.de [92.195.59.16]) by mx02.qsc.de (Postfix) with ESMTP id 7E6FF24249; Fri, 28 Jun 2013 15:34:52 +0200 (CEST) Received: from r56.edvax.de (localhost [127.0.0.1]) by r56.edvax.de (8.14.5/8.14.5) with SMTP id r5SDYxKw002118; Fri, 28 Jun 2013 15:34:59 +0200 (CEST) (envelope-from freebsd@edvax.de) Date: Fri, 28 Jun 2013 15:34:59 +0200 From: Polytropon To: "Julian H. Stacey" Subject: Re: A very 'trivial' question about /root Message-Id: <20130628153459.4519d5b7.freebsd@edvax.de> In-Reply-To: <201306281325.r5SDPitf054224@fire.js.berklix.net> References: <1372407002.6831.34.camel@blackfriar.inhio.eu> <201306281325.r5SDPitf054224@fire.js.berklix.net> Organization: EDVAX X-Mailer: Sylpheed 3.1.1 (GTK+ 2.24.5; i386-portbld-freebsd8.2) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Cc: freebsd-questions X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list Reply-To: Polytropon List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 28 Jun 2013 13:35:00 -0000 On Fri, 28 Jun 2013 15:25:44 +0200, Julian H. Stacey wrote: > Before we might ask (via send-pr) for it to be commited, > we should various of us run > chmod 750 /root;chown root:wheel /root > & give it a couple of months to see if problems. Done years ago: drwxr-x--- 7 root wheel 512 2013-04-05 21:42:34 /root/ System has been installed in August 2011. No problems so far. :-) > ( I'd guess OpenBSD might go for a tighter /root though, as they're > supposedly keen on security. ) Currently I've got no OpenBSD installation at hand to verify, but I _assume_ they still have the same defaults as FreeBSD regarding permissions of /root. > > if it leads to programs and daemons that > > would otherwise run as nobody having to run with root priviledges. > > Good point, we should be cautious, best if lots of us try chmod 750 /root > for a couple of months & see if any burnt fingers. What programs or daemons should attention be paid at, especially? -- Polytropon Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ...