Date: Thu, 19 Apr 2001 08:45:29 -0700 From: Doug Barton <DougB@DougBarton.net> To: Gerhard Sittig <Gerhard.Sittig@gmx.net> Cc: freebsd-security@FreeBSD.ORG Subject: Re: /root and users home dir permissions Message-ID: <3ADF0819.B5882BE1@DougBarton.net> References: <20010418173927.A64529@icon.icon.bg> <20010418210425.S20830@speedy.gsinet>
next in thread | previous in thread | raw e-mail | index | archive | help
Gerhard Sittig wrote: > > On Wed, Apr 18, 2001 at 17:39 +0300, Victor Ivanov wrote: > > > > I noticed /root is installed with mode=0755 (and updated every > > time by installworld). It's the root home directory... some > > admins (like me) are using it for keeping sensitive data away > > from regular users. Shouldn't it be mode=0700 in > > /etc/mtree/BSD.root.dist? > > a+rx on /root only means that this very directory can be listed > and entered by anybody. There might be valid reasons for doing > this . . . > What keeps you from putting sensitive data into a directory one > level deeper? I agree. 755 for home dirs has a long standing tradition behind it, and is very useful in shared environments. Anything that needs to be hidden can be, in /root or elsewhere. Doug -- "One thing they don't tell you about doing experimental physics is that sometimes you must work under adverse conditions ... like a state of sheer terror." -- W. K. Hartmann Do YOU Yahoo!? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3ADF0819.B5882BE1>