Date: Mon, 12 Nov 2001 10:33:18 +0000 From: setantae <setantae@submonkey.net> To: Mike Meyer <mwm@mired.org> Cc: Walter Hop <walter@binity.com>, questions@freebsd.org Subject: Re: does /etc HAVE to be world readable? Message-ID: <20011112103318.GA79662@rhadamanth> In-Reply-To: <15343.23465.798379.106042@guru.mired.org> References: <57002037@toto.iv> <15343.23465.798379.106042@guru.mired.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, Nov 11, 2001 at 11:18:33PM -0600, Mike Meyer wrote: > Walter Hop <walter@binity.com> types: > > QuickQuestion(tm): does /etc HAVE to be world readable? > > Of course not. In fact, about the only thing that has to exist to boot > unix is the kernel and /bin/sh. The question is, what's going to break > if you remove - or lock - the things in question. > > After a quick scan of /etc, assuming you're running the standard base > system tools, you can expect: 1) Files will be listed by user/group > numbers instead of names if programs can't read /etc/passwd. 2) > Anything trying to reach something else on the net will break because > it can't get to /etc/resolve.conf and /etc/services. 3) Daemons that > don't run as root may fail because they can't read /etc/services, > though that's probably rare. 4) Mail will break in any number of > ways. X won't be startable by users. 5) Some man pages will become > inaccessible. 6) User programs that print won't be able to tell what > printers are available. Well, actually, all of those programs in theory already know what files they are looking for, so /etc doesn't have to be world readable for those reasons, since as long as it's world executable all of the above should still work. However, it still strikes me as a really bad idea. Ceri -- keep a mild groove on To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011112103318.GA79662>