From owner-freebsd-arch Fri Jul 28 6:26: 2 2000 Delivered-To: freebsd-arch@freebsd.org Received: from mout1.freenet.de (mout1.freenet.de [194.97.50.132]) by hub.freebsd.org (Postfix) with ESMTP id C3C1A37C301; Fri, 28 Jul 2000 06:25:54 -0700 (PDT) (envelope-from netchild@leidinger.net) Received: from [194.97.50.138] (helo=mx0.freenet.de) by mout1.freenet.de with esmtp (Exim 3.16 #1) id 13IA9A-0003vf-00; Fri, 28 Jul 2000 15:25:52 +0200 Received: from a3932.pppool.de ([213.6.57.50] helo=Magelan.Leidinger.net) by mx0.freenet.de with esmtp (Exim 3.16 #1) id 13IA99-0003dm-00; Fri, 28 Jul 2000 15:25:52 +0200 Received: from Leidinger.net (netchild@localhost [127.0.0.1]) by Magelan.Leidinger.net (8.9.3/8.9.3) with ESMTP id OAA12917; Fri, 28 Jul 2000 14:09:32 +0200 (CEST) (envelope-from netchild@Leidinger.net) Message-Id: <200007281209.OAA12917@Magelan.Leidinger.net> Date: Fri, 28 Jul 2000 14:09:31 +0200 (CEST) From: Alexander Leidinger Subject: Re: How much security should ldconfig enforce? To: rwatson@FreeBSD.ORG Cc: n@nectar.com, jdp@polstra.com, arch@FreeBSD.ORG In-Reply-To: MIME-Version: 1.0 Content-Type: TEXT/plain; charset=us-ascii Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On 27 Jul, Robert Watson wrote: > So my preference here is: permissions and ownership in the base install > are fine. The default compile (and preferably install) should allow users > to include group-writable shared library paths, if not world-writable > paths. Consider our adduser implementation: each user is in their own > group anyway :-). Not ldconfig related: What about adding checks to /etc/security for permission critial parts of the system (perhaps controled by periodic.conf)? Bye, Alexander. -- 0 and 1. Now what could be so hard about that? http://www.Leidinger.net Alexander @ Leidinger.net GPG fingerprint = 7423 F3E6 3A7E B334 A9CC B10A 1F5F 130A A638 6E7E To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message