From owner-freebsd-security@FreeBSD.ORG Fri Sep 5 08:45:30 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A6D0616A4BF for ; Fri, 5 Sep 2003 08:45:30 -0700 (PDT) Received: from txemail.bankofamerica.com (txemail.bankofamerica.com [171.161.160.14]) by mx1.FreeBSD.org (Postfix) with ESMTP id 494D243FBD for ; Fri, 5 Sep 2003 08:45:28 -0700 (PDT) (envelope-from Urvi.Biyala@bankofamerica.com) Received: from tximail.bankofamerica.com (tximail.bankofamerica.com [171.182.168.13])h85FjRfH002004 for ; Fri, 5 Sep 2003 15:45:27 GMT Received: from memscmpl1 (txdalcu01s1340.bankamerica.com [171.178.0.202]) h85FhnF6001898 for ; Fri, 5 Sep 2003 15:45:27 GMT Received: from smtpsw05 (171.178.2.249) by memscmpl1 (Sigaba Gateway v3.5) with SMTP; Fri, 5 Sep 2003 10:45:27 -0500 Date: Fri, 05 Sep 2003 10:45:26 -0500 From: "Biyala, Urvi" To: freebsd-security@freebsd.org Message-id: <5D1AD4FB7DB0AC41879DC46D00FE593B399FB4@ex2k.bankofamerica.com> MIME-version: 1.0 X-MIMEOLE: Produced By Microsoft Exchange V6.0.6375.0 Content-type: text/plain; charset=iso-8859-1 Content-transfer-encoding: 7BIT Content-class: urn:content-classes:message Thread-topic: MAC problems Thread-index: AcNyhQnfoHEN0hAkTyGgbHFcLzsqVAAnIgxw X-MS-Has-Attach: X-MS-TNEF-Correlator: X-OriginalArrivalTime: 05 Sep 2003 15:45:27.0248 (UTC) FILETIME=[BA469D00:01C373C4] Subject: Question about world read permissions on system level files X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 05 Sep 2003 15:45:30 -0000 All, I need to trim the world read permissions from the system sensitive files. I know that it would be safe to trim the permissions from many of the configuration files in /etc. But I was not sure if I could safely tighten the permissions form other system files. Does any one know of any documentation on this. Or can any one tell me if it is safe to trim world read permissions from the system files. Thanks in advance, Urvi