Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 31 Jan 2020 09:10:46 +0100 (CET)
From:      Wojciech Puchar <wojtek@puchar.net>
To:        "Rodney W. Grimes" <freebsd-rwg@gndrsh.dnsmgr.net>
Cc:        Wojciech Puchar <wojtek@puchar.net>, FreeBSD Hackers <freebsd-hackers@freebsd.org>, Gordon Bergling <gbergling@googlemail.com>, Ryan Stone <rysto32@gmail.com>
Subject:   Re: More secure permissions for /root and /etc/sysctl.conf
Message-ID:  <alpine.BSF.2.20.2001310910280.59314@puchar.net>
In-Reply-To: <202001302119.00ULJn4Q070746@gndrsh.dnsmgr.net>
References:  <202001302119.00ULJn4Q070746@gndrsh.dnsmgr.net>

next in thread | previous in thread | raw e-mail | index | archive | help
>>> I don't see the point in making this change to sysctl.conf.  sysctls
>>> are readable by any user.  Hiding the contents of sysctl.conf does not
>>> prevent unprivileged users from seeing what values have been changed
>>> from the defaults; it merely makes it more tedious.
>> true. but /root should be root only readable
>
> Based on what?  What security does this provide to what part of the system?
based on common sense



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?alpine.BSF.2.20.2001310910280.59314>