Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 13 Apr 2006 16:08:26 +0200
From:      =?ISO-8859-1?Q?K=F6vesd=E1n_G=E1bor?= <gabor.kovesdan@t-hosting.hu>
To:        Jerry McAllister <jerrymc@clunix.cl.msu.edu>
Cc:        freebsd-bugs@FreeBSD.org
Subject:   Re: misc/95684: /root wrong permissions
Message-ID:  <443E5B5A.7080506@t-hosting.hu>
In-Reply-To: <200604131400.k3DE0WSe053160@freefall.freebsd.org>
References:  <200604131400.k3DE0WSe053160@freefall.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help 
Jerry McAllister wrote:
> The following reply was made to PR misc/95684; it has been noted by GNATS.
>
> From: Jerry McAllister <jerrymc@clunix.cl.msu.edu>
> To: c_dornig@gmx.de (C.D.)
> Cc: freebsd-gnats-submit@freebsd.org
> Subject: Re: misc/95684: /root wrong permissions
> Date: Thu, 13 Apr 2006 09:59:31 -0400 (EDT)
>
>  > 
>  > 
>  > >Number:         95684
>  > >Category:       misc
>  > >Synopsis:       /root wrong permissions
>  > >Confidential:   no
>  > >Severity:       critical
>  > >Priority:       medium
>  > >Responsible:    freebsd-bugs
>  > >State:          open
>  > >Quarter:        
>  > >Keywords:       
>  > >Date-Required:
>  > >Class:          sw-bug
>  > >Submitter-Id:   current-users
>  > >Arrival-Date:   Thu Apr 13 09:50:15 GMT 2006
>  > >Closed-Date:
>  > >Last-Modified:
>  > >Originator:     C.D.
>  > >Release:        5.4 RELEASE, 6.0 RELEASE
>  > >Organization:
>  > none
>  > >Environment:
>  > >Description:
>  > Dear FreeBSD Team,
>  > 
>  > 
>  > 
>  > with standard installation of FBSD 5.4 Released or 6.0 Released from CD-ROM,
>  > you have after install process a wrong permission of /root.
>  > It is 0755, but it should be 0700.
>  > I see this as an Security hole.
>  
>  I was just able to look back as far as FreeBSD 3.2 - as far back as 
>  I have anything handy running and they all have "/" set to 755.
>  
>  I don't understand why it should be 0700. 
>  
>  If you did that, no person could do an ls or get to directories under
>  root.   The 755 setting does not allow group or world to write to root,
>  just get to the necessary things in it.
>  
>  
I think you misunderstood the problem of the submitter. He meant 
"/root", the home of the root user, not the root filesystem "/".

Gabor Kovesdan

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?443E5B5A.7080506>