Date: Wed, 07 May 2008 13:32:49 -0400 From: Lowell Gilbert <freebsd-questions-local@be-well.ilk.org> To: freebsd-questions@freebsd.org Subject: Re: Fwd: Question about a recent installation Message-ID: <443aou10la.fsf@be-well.ilk.org> In-Reply-To: <75bda7a00805071016ncc40af6m847dbef0f1baf33@mail.gmail.com> (Norman Maurer's message of "Wed\, 7 May 2008 19\:16\:58 %2B0200") References: <BAY116-W17A5A3949FDC57B6F92DB7F4D60@phx.gbl> <75bda7a00805071016u2bb3428x46bdfcb87e0cfdd7@mail.gmail.com> <75bda7a00805071016ncc40af6m847dbef0f1baf33@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
"Norman Maurer" <norman@apache.org> writes: > ---------- Forwarded message ---------- > From: Norman Maurer <norman@apache.org> > Date: 2008/5/7 > Subject: Re: Question about a recent installation > To: Mario Vazquez <mario_vazq@hotmail.com> > > > 2008/5/6 Mario Vazquez <mario_vazq@hotmail.com>: > >> > > On May 5, 2008, at 6:17 PM, doug wrote: > > > > > > > To give limited priviledges I think sudo (as in linux??) would be > > > used. > > > > > > I concur that sudo is really a very good way of managing privileges. > > I don't even know the root passwords on the systems that I administer > > (OK, I do have them stored in a nice secured place if I ever do need > > them). > > > > Cheers, > > > > -j > > > > > > ---------------------------------- > > > > In fact, I use sudo for managing too. My question is not about > sudo itself, it's about the possible risks (if any) of having a > default installation (FreeBSD7-RELEASE) which assigns ownership of the > root folder to root:wheel, thus allowing anyone with wheel privileges > be able to see (and copy btw) root folder contents. > > > > I still not get the point.. If the files are create the default is a > umask of 022 anway. So if you want to protect your files in the root > folder to get accessed, use umask 066 and maybe chmod 700 /root. Perhaps more to the point of the question, there is nothing in /root on a default system which has any need of being kept secret. -- Lowell Gilbert, embedded/networking software engineer, Boston area http://be-well.ilk.org/~lowell/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?443aou10la.fsf>