Date:      Mon, 12 Nov 2001 20:32:45 -0600
From:      Mike Meyer <mwm@mired.org>
To:        setantae <setantae@submonkey.net>
Cc:        questions@freebsd.org
Subject:   Re: does /etc HAVE to be world readable?
Message-ID:  <15344.34381.129195.12756@guru.mired.org>
In-Reply-To: <20011112103318.GA79662@rhadamanth>
References:  <57002037@toto.iv> <15343.23465.798379.106042@guru.mired.org> <20011112103318.GA79662@rhadamanth>

setantae <setantae@submonkey.net> types:
> On Sun, Nov 11, 2001 at 11:18:33PM -0600, Mike Meyer wrote:
> > Walter Hop <walter@binity.com> types:
> > > QuickQuestion(tm): does /etc HAVE to be world readable?
> > After a quick scan of /etc, assuming you're running the standard base
> > system tools, you can expect: 1) Files will be listed by user/group
> > numbers instead of names if programs can't read /etc/passwd. 2)
> > Anything trying to reach something else on the net will break because
> > it can't get to /etc/resolve.conf and /etc/services. 3) Daemons that
> > don't run as root may fail because they can't read /etc/services,
> > though that's probably rare. 4) Mail will break in any number of
> > ways. X won't be startable by users. 5) Some man pages will become
> > inaccessible. 6) User programs that print won't be able to tell what
> > printers are available.
> Well, actually, all of those programs in theory already know what files
> they are looking for, so /etc doesn't have to be world readable for those
> reasons, since as long as it's world executable all of the above should
> still work.

You're right. I completely misread the question, thinking they wanted
/etc locked.

> However, it still strikes me as a really bad idea.

True. Nor does it add very much security, as anyone can still read any
file they could read if /etc were readable. Since the files used by
most programs are well-known, you'd have to change the file name to
protect them - in which case, you might as well put them in a
different directory while you're at it.

	<mike
--
Mike Meyer <mwm@mired.org>			http://www.mired.org/home/mwm/
Q: How do you make the gods laugh?		A: Tell them your plans.
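
An added example, not part of the original message: a small audit of the point made in this thread, that a directory which is world-executable but not world-readable hides the listing while leaving every world-readable file reachable by its well-known name. The temporary directory and its three files are a constructed stand-in for /etc, the function names are hypothetical, and the check looks only at classic mode bits (no ACLs, no parent directories).

```python
import os
import stat
import tempfile


def other_can_list(path):
    """True if users outside owner/group may enumerate names (o+r on the dir)."""
    return bool(os.stat(path).st_mode & stat.S_IROTH)


def other_can_traverse(path):
    """True if users outside owner/group may look up a known name (o+x on the dir)."""
    return bool(os.stat(path).st_mode & stat.S_IXOTH)


def exposed_by_name(directory):
    """Regular files that 'other' can still open by supplying the name."""
    if not other_can_traverse(directory):
        return []  # without search permission no lookup succeeds
    exposed = []
    for name in sorted(os.listdir(directory)):  # the auditor itself can list
        st = os.lstat(os.path.join(directory, name))
        if stat.S_ISREG(st.st_mode) and st.st_mode & stat.S_IROTH:
            exposed.append(name)
    return exposed


def build_sample_etc():
    """Constructed stand-in for /etc: a mode 0711 directory with three files."""
    root = tempfile.mkdtemp(prefix="etc-demo-")
    for name, mode in (("passwd", 0o644), ("services", 0o644),
                       ("master.passwd", 0o600)):
        path = os.path.join(root, name)
        with open(path, "w") as fh:
            fh.write("constructed sample\n")
        os.chmod(path, mode)
    os.chmod(root, 0o711)  # world-executable, not world-readable
    return root


if __name__ == "__main__":
    etc = build_sample_etc()
    print("other can list:        ", other_can_list(etc))
    print("other can traverse:    ", other_can_traverse(etc))
    print("still readable by name:", exposed_by_name(etc))
```

Only the per-file mode (0600 on the constructed master.passwd) keeps a file private; the directory's missing read bit changes nothing for names an unprivileged user already knows.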
