From owner-freebsd-bugs  Thu Oct 24  6:46: 9 2002
Delivered-To: freebsd-bugs@hub.freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP
	id C7E9B37B401; Thu, 24 Oct 2002 06:46:08 -0700 (PDT)
Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21])
	by mx1.FreeBSD.org (Postfix) with ESMTP
	id 76C6743E3B; Thu, 24 Oct 2002 06:46:08 -0700 (PDT)
	(envelope-from fanf@FreeBSD.org)
Received: from freefall.freebsd.org (fanf@localhost [127.0.0.1])
	by freefall.freebsd.org (8.12.6/8.12.6) with ESMTP id g9ODk8x3060589;
	Thu, 24 Oct 2002 06:46:08 -0700 (PDT)
	(envelope-from fanf@freefall.freebsd.org)
Received: (from fanf@localhost)
	by freefall.freebsd.org (8.12.6/8.12.6/Submit) id g9ODk878060585;
	Thu, 24 Oct 2002 06:46:08 -0700 (PDT)
Date: Thu, 24 Oct 2002 06:46:08 -0700 (PDT)
From: Tony Finch <fanf@FreeBSD.org>
Message-Id: <200210241346.g9ODk878060585@freefall.freebsd.org>
To: annihilator_sc@hotmail.com, fanf@FreeBSD.org,
	freebsd-bugs@FreeBSD.org
Subject: Re: conf/44433: Default permissions of some files under /etc
Sender: owner-freebsd-bugs@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-bugs.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-bugs>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-bugs>
X-Loop: FreeBSD.org

Synopsis: Default permissions of some files under /etc

State-Changed-From-To: open->closed
State-Changed-By: fanf
State-Changed-When: Thu Oct 24 06:42:34 PDT 2002
State-Changed-Why: 
Security through obscurity is no security at all. If your legitimate
users cause trouble the correct fix is non-technical. If an external
attacker gets a shell on the machine you are already doomed. The
contents of these files can be worked out by observing the behaviour
of the system. Users need to be able to see the contents in order
to debug problems without bothering the sysadmin, and the sysadmin
should not have to be root to be reminded of the contents of the files.

This is not a bug.

http://www.freebsd.org/cgi/query-pr.cgi?pr=44433

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message