From owner-freebsd-bugs Thu Oct 24 6:20: 4 2002 Delivered-To: freebsd-bugs@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B332137B401 for ; Thu, 24 Oct 2002 06:20:02 -0700 (PDT) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 07E0A43E6A for ; Thu, 24 Oct 2002 06:20:02 -0700 (PDT) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.12.6/8.12.6) with ESMTP id g9ODK1x3017762 for ; Thu, 24 Oct 2002 06:20:01 -0700 (PDT) (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.12.6/8.12.6/Submit) id g9ODK1PD017761; Thu, 24 Oct 2002 06:20:01 -0700 (PDT) Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 071C237B401 for ; Thu, 24 Oct 2002 06:16:31 -0700 (PDT) Received: from www.freebsd.org (www.freebsd.org [216.136.204.117]) by mx1.FreeBSD.org (Postfix) with ESMTP id BCAE743E42 for ; Thu, 24 Oct 2002 06:16:30 -0700 (PDT) (envelope-from nobody@FreeBSD.org) Received: from www.freebsd.org (localhost [127.0.0.1]) by www.freebsd.org (8.12.6/8.12.6) with ESMTP id g9ODGU7R063348 for ; Thu, 24 Oct 2002 06:16:30 -0700 (PDT) (envelope-from nobody@www.freebsd.org) Received: (from nobody@localhost) by www.freebsd.org (8.12.6/8.12.6/Submit) id g9ODGUex063347; Thu, 24 Oct 2002 06:16:30 -0700 (PDT) Message-Id: <200210241316.g9ODGUex063347@www.freebsd.org> Date: Thu, 24 Oct 2002 06:16:30 -0700 (PDT) From: Annihilator To: freebsd-gnats-submit@FreeBSD.org X-Send-Pr-Version: www-1.0 Subject: conf/44433: Default permissions of some files under /etc Sender: owner-freebsd-bugs@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org >Number: 44433 >Category: conf >Synopsis: Default permissions of some files under /etc >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Thu Oct 24 06:20:01 PDT 2002 >Closed-Date: >Last-Modified: >Originator: Annihilator >Release: >Organization: SawMan's Consortium >Environment: FreeBSD router.pilar 4.7-RELEASE FreeBSD 4.7-RELEASE #0: Sat Oct 12 01:02:55 CEST 2002 root@sarah.pilar:/usr/src/sys/compile/ROUTER i386 >Description: Default permissions on certain system configuration files in the /etc hierarchy are, in my opinion, too weak. Users have no need to access these files which, after all, contain configuration information that may be used against the system. The files are: ssh/sshd_config crontab exports ftpusers ipf.rules ipnat.rules ipsec.conf (not 100% sure about this one) newsyslog.conf nsmb.conf periodic.conf syslog.conf >How-To-Repeat: >Fix: 'chmod 600' the said files. >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message