From owner-freebsd-hackers Mon Jul 21 17:28:50 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.5/8.8.5) id RAA22533 for hackers-outgoing; Mon, 21 Jul 1997 17:28:50 -0700 (PDT) Received: from phaeton.artisoft.com (phaeton.Artisoft.COM [198.17.250.50]) by hub.freebsd.org (8.8.5/8.8.5) with SMTP id RAA22527 for ; Mon, 21 Jul 1997 17:28:43 -0700 (PDT) Received: (from terry@localhost) by phaeton.artisoft.com (8.6.11/8.6.9) id RAA12174; Mon, 21 Jul 1997 17:23:14 -0700 From: Terry Lambert Message-Id: <199707220023.RAA12174@phaeton.artisoft.com> Subject: Re: sendmail complains about being unable to write his pid file To: imp@rover.village.org (Warner Losh) Date: Mon, 21 Jul 1997 17:23:14 -0700 (MST) Cc: terry@lambert.org, sthaug@nethelp.no, andreas@klemm.gtn.com, hackers@FreeBSD.ORG In-Reply-To: from "Warner Losh" at Jul 21, 97 03:46:17 pm X-Mailer: ELM [version 2.4 PL24] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-hackers@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk > : Can you please explain how root ownership makes something more secure? > > Files owned by root are harder to change via NFS than files owned by > bin. root access n NFS is generally blocked, but no so with other, > non-zero uids. This only argues for read-only export of / and /user FS's, as far as I can see, and not for root rather than bin ownership of files or directories themselves. Terry Lambert terry@lambert.org --- Any opinions in this posting are my own and not those of my present or previous employers.