From owner-freebsd-hackers Tue Jan 14 15:33:15 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.4/8.8.4) id PAA15328 for hackers-outgoing; Tue, 14 Jan 1997 15:33:15 -0800 (PST) Received: from sax.sax.de (sax.sax.de [193.175.26.33]) by freefall.freebsd.org (8.8.4/8.8.4) with SMTP id PAA15321 for ; Tue, 14 Jan 1997 15:33:06 -0800 (PST) Received: (from uucp@localhost) by sax.sax.de (8.6.12/8.6.12-s1) with UUCP id AAA22233 for hackers@FreeBSD.ORG; Wed, 15 Jan 1997 00:33:02 +0100 Received: (from j@localhost) by uriah.heep.sax.de (8.8.4/8.6.9) id AAA07974; Wed, 15 Jan 1997 00:28:15 +0100 (MET) Message-ID: Date: Wed, 15 Jan 1997 00:28:15 +0100 From: j@uriah.heep.sax.de (J Wunsch) To: hackers@FreeBSD.ORG Subject: Re: Default accounting file permissions. References: <22178.853226812@time.cdrom.com> X-Mailer: Mutt 0.55-PL10 Mime-Version: 1.0 X-Phone: +49-351-2012 669 X-PGP-Fingerprint: DC 47 E6 E4 FF A6 E9 8F 93 21 E0 7D F9 12 D6 4E Reply-To: joerg_wunsch@uriah.heep.sax.de (Joerg Wunsch) In-Reply-To: <22178.853226812@time.cdrom.com>; from Jordan K. Hubbard on Jan 13, 1997 23:26:52 -0800 Sender: owner-hackers@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk As Jordan K. Hubbard wrote: > If there's no /var/account/acct file, it creates one with the standard > umask by touching it and I think that this is bad. Would not: > > if [ ! -e /var/account/acct ]; then > touch /var/account/acct && chmod 600 /var/account/acct > fi > > Be safer, or would this break something? I don't think that Joe User > should be able to see what root (or anyone else) is up to. > > If no one can point out how this might be bad, I'll make the change. Make it at least 0640 root:wheel, so members of group wheel will be able to look at the accounting info without su'ing before. (They are already semi-trusted users anyway.) -- cheers, J"org joerg_wunsch@uriah.heep.sax.de -- http://www.sax.de/~joerg/ -- NIC: JW11-RIPE Never trust an operating system you don't have sources for. ;-)