Date: Fri, 5 Jun 2020 07:12:40 +0000 From: Alexey Dokuchaev <danfe@freebsd.org> To: Cy Schubert <Cy.Schubert@cschubert.com> Cc: Conrad Meyer <cem@freebsd.org>, src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: Re: svn commit: r361791 - head/etc/mtree Message-ID: <20200605071240.GA98879@FreeBSD.org> In-Reply-To: <202006041619.054GJZ3C018924@slippy.cwsent.com> References: <202006041604.054G4KAb098395@repo.freebsd.org> <202006041619.054GJZ3C018924@slippy.cwsent.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Jun 04, 2020 at 09:19:35AM -0700, Cy Schubert wrote: > In message <202006041604.054G4KAb098395@repo.freebsd.org>, Conrad Meyer > writes: > > New Revision: 361791 > > URL: https://svnweb.freebsd.org/changeset/base/361791 > > > > Log: > > Restrict default /root permissions > > > > ... > > @@ -117,7 +117,7 @@ > > .. > > rescue > > .. > > - root > > + root mode=0750 > > .. > > Recent CIS benchmarks recommend 0700. Please, let's keep a reasonable balance between security and usability. I often visit /root as a regular user (wheel'ed), and 0700 would make it real PITA. ./danfe
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20200605071240.GA98879>