Date: Wed, 29 Jan 2020 10:53:25 +0100 From: Gary Jennejohn <gljennjohn@gmail.com> To: Gordon Bergling via freebsd-hackers <freebsd-hackers@freebsd.org> Cc: Gordon Bergling <gbergling@googlemail.com> Subject: Re: More secure permissions for /root and /etc/sysctl.conf Message-ID: <20200129105325.600cddc1@ernst.home> In-Reply-To: <20200129092631.GA22505@lion.0xfce3.net> References: <20200129092631.GA22505@lion.0xfce3.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 29 Jan 2020 10:26:31 +0100 Gordon Bergling via freebsd-hackers <freebsd-hackers@freebsd.org> wrote: > Hi, > > I recently stumbled upon the default world readable permissons of /root and > /etc/sysctl.conf. I think that it would be more secure to reduce the default > permission for /root to 0700 and to 0600 for /etc/sysctl.conf. > > I prepared a differtial for the proposed change: > https://reviews.freebsd.org/D23392 > > What do you think? > I think that changing the permissions on / would defeat the purpose of /etc/devd.conf and then adding users to certain groups in /etc/group to make devices usable without having to escalate to root rights. -- Gary Jennejohn
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20200129105325.600cddc1>