From owner-freebsd-security  Thu Dec 13  9:27:27 2001
Delivered-To: freebsd-security@freebsd.org
Received: from smtp015.mail.yahoo.com (smtp015.mail.yahoo.com [216.136.173.59])
	by hub.freebsd.org (Postfix) with SMTP id 28F5337B405
	for <security@freebsd.org>; Thu, 13 Dec 2001 09:27:25 -0800 (PST)
Received: from unknown (HELO warhawk) (202.1.200.105)
  by smtp.mail.vip.sc5.yahoo.com with SMTP; 13 Dec 2001 17:01:50 -0000
From: "Haikal Saadh" <wyldephyre2@yahoo.com>
To: <security@freebsd.org>
Subject: /etc/permissions
Date: Thu, 13 Dec 2001 22:01:43 +0500
Message-ID: <001701c183f7$da9170d0$69c801ca@warhawk>
MIME-Version: 1.0
Content-Type: text/plain;
	charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook, Build 10.0.2616
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
Importance: Normal
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

I just ran tiger on a 4.4R box today, and it mentioned that most the
files in /etc have perms that shouldn't be there...likewise, auscert's
unix security checklist recommended removing world read perms from quite
a few files. Have the permissions been overlooked, or is there some
design issue that I've missed out on? Common sense dictates that the
files in /etc/ should only be root accessible, right?


_________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message