Skip site navigation (1)Skip section navigation (2)
Date:      Sat, 1 Feb 2020 00:30:10 +0700
From:      Eugene Grosbein <eugen@grosbein.net>
To:        Lars Engels <lme@freebsd.org>, "Rodney W. Grimes" <freebsd-rwg@gndrsh.dnsmgr.net>
Cc:        FreeBSD Hackers <freebsd-hackers@freebsd.org>, Gordon Bergling <gbergling@googlemail.com>, Ryan Stone <rysto32@gmail.com>, Wojciech Puchar <wojtek@puchar.net>
Subject:   Re: More secure permissions for /root and /etc/sysctl.conf
Message-ID:  <2714b917-37cf-6f0e-102f-5e8b91479c7a@grosbein.net>
In-Reply-To: <20200131161347.GA33086@e.0x20.net>
References:  <alpine.BSF.2.20.2001310910280.59314@puchar.net> <202001311025.00VAPZts072995@gndrsh.dnsmgr.net> <20200131161347.GA33086@e.0x20.net>

next in thread | previous in thread | raw e-mail | index | archive | help
31.01.2020 23:13, Lars Engels wrote:

> /root can store config files and shell history with confidential
> information.

If your shell keeps history file readable for group or others, you should not use such shell.

If root or any other user creates files with confidential information,
this person should use corresponding umask in its profile or login class.

You know, not being able to read a file may be a problem equal to able read another one.





Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?2714b917-37cf-6f0e-102f-5e8b91479c7a>