Date: Mon, 21 Feb 2000 10:46:46 +0100 (CET) From: Oliver Brandmueller <ob@sauerbruch.evk-koeln.de> To: Sheldon Hearn <sheldonh@uunet.co.za> Cc: freebsd-current@FreeBSD.ORG Subject: Re: Installing linux_base 6.1 Message-ID: <m12MpQY-000QxqC@sauerbruch.evk-koeln.de> In-Reply-To: <45529.951123142@axl.noc.iafrica.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi, On 21 Feb, Sheldon Hearn wrote: >> I would be opposed to this for security reasons. The last thing I >> want to see are /usr/local versions of /etc/ files related to security. > > Could you explain _why_? Is this just a matter of taste, or is there a > concrete security concern in play? Securing one directory is much simpler, than securing two directories. And making /etc secure in times when you sometimes simply don't want users fetch a userlist from your password file is hard enough. I wouldn't like to deal with two directories in that matter. Having /etc mounted read-only can be OK in many cases, but also mount /usr/local/etc read-only would make life much more difficult as you have to remount it read-write for most simple add-on-software or for fiddling in your local configuration. So I agree not to have security related files in /usr/local. Bye, Oliver To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?m12MpQY-000QxqC>