From owner-freebsd-security@FreeBSD.ORG  Sun Oct 24 00:17:46 2004
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id C721F16A4CE
	for <freebsd-security@freebsd.org>;
	Sun, 24 Oct 2004 00:17:46 +0000 (GMT)
Received: from kane.otenet.gr (kane.otenet.gr [195.170.0.27])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 0D01343D1D
	for <freebsd-security@freebsd.org>;
	Sun, 24 Oct 2004 00:17:45 +0000 (GMT)
	(envelope-from keramida@linux.gr)
Received: from gothmog.gr (patr530-a027.otenet.gr [212.205.215.27])
	i9O0HgYF009417;	Sun, 24 Oct 2004 03:17:43 +0300
Received: from gothmog.gr (gothmog [127.0.0.1])
	by gothmog.gr (8.13.1/8.13.1) with ESMTP id i9O0HUfZ026081;
	Sun, 24 Oct 2004 03:17:30 +0300 (EEST)
	(envelope-from keramida@linux.gr)
Received: (from giorgos@localhost)
	by gothmog.gr (8.13.1/8.13.1/Submit) id i9NLp6dW077300;
	Sun, 24 Oct 2004 00:51:06 +0300 (EEST)
	(envelope-from keramida@linux.gr)
Date: Sun, 24 Oct 2004 00:51:06 +0300
From: Giorgos Keramidas <keramida@linux.gr>
To: Vlad GALU <vladgalu@gmail.com>
Message-ID: <20041023215106.GB4233@gothmog.gr>
References: <1323.213.112.198.199.1098388008.squirrel@mail.hackunite.net>
	<Pine.NEB.3.96L.1041023160159.59894D-100000@fledge.watson.org>
	<79722fad04102314136d2dc0e2@mail.gmail.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <79722fad04102314136d2dc0e2@mail.gmail.com>
cc: freebsd-security@freebsd.org
Subject: Re: Default permissions of /home/user..
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Security issues [members-only posting]
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>,
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>,
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 24 Oct 2004 00:17:46 -0000

On 2004-10-24 00:13, Vlad GALU <vladgalu@gmail.com> wrote:
>      One thing though. The mtree file that controls the permissions
> for / specifies 0755 as the mask for /root. It's allright with me, I
> have "chmod /root 0600" in my .profile, but still ...

No problem :)

	mkdir /root/private
	chmod 0600 /root/private

Seriously now, if you don't use the root account for doing "real work",
it shouldn't be a problem that its HOME directory is world-readable.

I only keep very few files in my /root tree.  Most of them are dot-files
for programs I might want to run as root (i.e. .bashrc, .vimrc and not
much else).  Sensitive data is never stored in /root and *REALLY*
sensitive data (like passwords) are never stored in a computer at all.

So, why would one need to be paranoid about the permissions or /root?