From owner-freebsd-questions@FreeBSD.ORG Fri Sep 24 15:50:01 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5A74816A4F8; Fri, 24 Sep 2004 15:50:01 +0000 (GMT) Received: from post5.inre.asu.edu (post5.inre.asu.edu [129.219.110.120]) by mx1.FreeBSD.org (Postfix) with ESMTP id 11E5143D31; Fri, 24 Sep 2004 15:50:01 +0000 (GMT) (envelope-from David.Bear@asu.edu) Received: from conversion.post5.inre.asu.edu by asu.edu (PMDF V6.1-1X6 #30769) id <0I4J00A01YGD0J@asu.edu>; Fri, 24 Sep 2004 08:45:49 -0700 (MST) Received: from smtp.asu.edu (smtp.asu.edu [129.219.110.107]) <0I4J0093XYGDSO@asu.edu>; Fri, 24 Sep 2004 08:45:49 -0700 (MST) Received: from moroni.pp.asu.edu (moroni.pp.asu.edu [129.219.69.200]) (8.12.10/8.12.10/asu_smtp_relay,nullclient,tcp_wrapped) with ESMTP id i8OFjl71010976; Fri, 24 Sep 2004 08:45:47 -0700 (MST) Received: by moroni.pp.asu.edu (Postfix, from userid 500) id 4F7E8E0A; Fri, 24 Sep 2004 08:45:45 -0700 (MST) Received: from post1.inre.asu.edu (post1.inre.asu.edu [129.219.110.72]) by imap1.asu.edu (8.11.0/8.11.0/asu_cyrus,tcp_wrapped) with ESMTP id f924QtX21591 for ; Mon, 01 Oct 2001 21:26:55 -0700 (MST) Received: from conversion.post1.inre.asu.edu by asu.edu (PMDF V6.0-025 #47346) david.bear@asu.edu) ; Mon, 01 Oct 2001 21:26:54 -0700 (MST) Received: from mx2.freebsd.org (mx2.FreeBSD.org [216.136.204.119]) by asu.edu (PMDF V6.0-025 #47346) with ESMTP id <0GKK001MD9OUAQ@asu.edu> for iddwb@IMAP1.ASU.EDU (ORCPT david.bear@asu.edu); Mon, 01 Oct 2001 21:26:54 -0700 (MST) Received: from hub.freebsd.org (hub.FreeBSD.org [216.136.204.18]) by mx2.freebsd.org (Postfix) with ESMTP id 624795576F; Mon, 01 Oct 2001 21:26:45 -0700 Received: by hub.freebsd.org (Postfix, from userid 538) id DDE7A37B40F; Mon, 01 Oct 2001 21:26:33 -0700 (PDT) Received: from localhost (localhost [127.0.0.1]) by hub.freebsd.org (Postfix) with SMTP id 6FA482E8152; Mon, 01 Oct 2001 21:26:32 -0700 (PDT) Received: by hub.freebsd.org (bulk_mailer v1.12); Mon, 01 Oct 2001 21:26:32 -0700 Received: from webs1.accretive-networks.net(Postfix) with ESMTP id 1CD1737B40C; Mon, 01 Oct 2001 21:26:28 -0700 (PDT) Received: from localhost (davidk@localhost) by webs1.accretive-networks.net (8.11.1/8.11.3) with ESMTP id f923Mf761124; Mon, 01 Oct 2001 20:22:41 -0700 (PDT) From: David Kirchner In-reply-to: Sender: owner-freebsd-security@FreeBSD.ORG X-X-Sender: To: dwbear75@gmail.com Message-id: <20011001202015.R85958-100000@localhost> MIME-version: 1.0 Content-type: TEXT/PLAIN; charset=US-ASCII Precedence: bulk X-Loop: FreeBSD.org Delivered-to: freebsd-security@freebsd.org Old-To: default X-Keywords: X-Status: cc: freebsd-security@FreeBSD.ORG cc: freebsd-questions@FreeBSD.ORG Subject: Re: file permission question X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Date: Fri, 24 Sep 2004 15:50:01 -0000 X-Original-Date: Mon, 01 Oct 2001 20:22:41 -0700 (PDT) X-List-Received-Date: Fri, 24 Sep 2004 15:50:01 -0000 /etc/passwd (probably really /etc/pwd.db) are used for several user-land programs including 'ls'. It's highly recommended that /etc/passwd stay readable to the world. Btw, the output of 'ps' can be easily reconstructed via access to the /proc filesystem. You can unmount this partition, but ps will operate differently. With /proc unmounted, you can still get a process listing for everyone - you can disable this by setting the sysctl kern.ps_showallprocs to 0. On Mon, 1 Oct 2001, default wrote: > Hi, > > I am allowing a couple of ppl to have a shell account on one of my machines, > and I am making a few changes to disallow them from using certain things... > like chmoding the 'ps' command to 550 etc... > > I wanted to ask, is there any reason why one wouldn't want to chmod to 640 > the passwd file and other similar files? ... > > Thanks, > > Jordan > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message