Date: Wed, 29 Jan 2020 10:15:35 -0500 From: Ryan Stone <rysto32@gmail.com> To: Gordon Bergling <gbergling@googlemail.com> Cc: FreeBSD Hackers <freebsd-hackers@freebsd.org> Subject: Re: More secure permissions for /root and /etc/sysctl.conf Message-ID: <CAFMmRNxXManuVe46RyJ=-qwqd0K3VhTgAjzw9Kw_s1TjDJrusQ@mail.gmail.com> In-Reply-To: <20200129092631.GA22505@lion.0xfce3.net> References: <20200129092631.GA22505@lion.0xfce3.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Jan 29, 2020 at 4:26 AM Gordon Bergling via freebsd-hackers <freebsd-hackers@freebsd.org> wrote: > > Hi, > > I recently stumbled upon the default world readable permissons of /root and > /etc/sysctl.conf. I think that it would be more secure to reduce the default > permission for /root to 0700 and to 0600 for /etc/sysctl.conf. I don't see the point in making this change to sysctl.conf. sysctls are readable by any user. Hiding the contents of sysctl.conf does not prevent unprivileged users from seeing what values have been changed from the defaults; it merely makes it more tedious.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAFMmRNxXManuVe46RyJ=-qwqd0K3VhTgAjzw9Kw_s1TjDJrusQ>