From owner-freebsd-security Wed Apr 18 7:35: 0 2001 Delivered-To: freebsd-security@freebsd.org Received: from icon.bg (icon.bg [62.176.80.58]) by hub.freebsd.org (Postfix) with SMTP id EFE0437B424 for ; Wed, 18 Apr 2001 07:34:52 -0700 (PDT) (envelope-from v0rbiz@icon.bg) Received: (qmail 64677 invoked by uid 1144); 18 Apr 2001 14:39:27 -0000 Date: Wed, 18 Apr 2001 17:39:27 +0300 From: Victor Ivanov To: freebsd-security@freebsd.org Subject: /root and users home dir permissions Message-ID: <20010418173927.A64529@icon.icon.bg> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="DocE+STaALJfprDB" Content-Disposition: inline User-Agent: Mutt/1.2.5i Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org --DocE+STaALJfprDB Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hi all, I noticed /root is installed with mode=3D0755 (and updated every time by installworld). It's the root home directory... some admins (like me) are using it for keeping sensitive data away from regular users. Shouldn't it be mode=3D0700 in /etc/mtree/BSD.root.dist? Also, when adding new users their home directories should be protected the same way. Am I wrong? --=20 Players win and winners play Have a lucky day --DocE+STaALJfprDB Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: PGP 6.5.1i iQCVAwUBOt2nHvD9M5lef5W3AQE7ngP+KrDP/FA3jsdzYLNCHAX+Fi6Zqxj6LSwX YoiJaU/9r/OHmp3GIC0Cv/etBU0q3IrZGNbsxYcjYlwyq/7oPXqn8jFUIcwtL1gI cRhe0eXPozGb1JH3RcGu13Bm3bQcKsp8NTbHvtXzfEe6HUeHTJ6HsTBfvgGx+tpx /B1x+nzzPdo= =8Gj0 -----END PGP SIGNATURE----- --DocE+STaALJfprDB-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message