Date: Fri, 31 Jan 2020 09:10:46 +0100 (CET) From: Wojciech Puchar <wojtek@puchar.net> To: "Rodney W. Grimes" <freebsd-rwg@gndrsh.dnsmgr.net> Cc: Wojciech Puchar <wojtek@puchar.net>, FreeBSD Hackers <freebsd-hackers@freebsd.org>, Gordon Bergling <gbergling@googlemail.com>, Ryan Stone <rysto32@gmail.com> Subject: Re: More secure permissions for /root and /etc/sysctl.conf Message-ID: <alpine.BSF.2.20.2001310910280.59314@puchar.net> In-Reply-To: <202001302119.00ULJn4Q070746@gndrsh.dnsmgr.net> References: <202001302119.00ULJn4Q070746@gndrsh.dnsmgr.net>
next in thread | previous in thread | raw e-mail | index | archive | help
>>> I don't see the point in making this change to sysctl.conf. sysctls >>> are readable by any user. Hiding the contents of sysctl.conf does not >>> prevent unprivileged users from seeing what values have been changed >>> from the defaults; it merely makes it more tedious. >> true. but /root should be root only readable > > Based on what? What security does this provide to what part of the system? based on common sense
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?alpine.BSF.2.20.2001310910280.59314>