From owner-freebsd-questions@FreeBSD.ORG Thu Jun 27 02:58:38 2013 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) by hub.freebsd.org (Postfix) with ESMTP id 94D4748E for ; Thu, 27 Jun 2013 02:58:38 +0000 (UTC) (envelope-from freebsd@edvax.de) Received: from mx01.qsc.de (mx01.qsc.de [213.148.129.14]) by mx1.freebsd.org (Postfix) with ESMTP id 601241F57 for ; Thu, 27 Jun 2013 02:58:38 +0000 (UTC) Received: from r56.edvax.de (port-92-195-15-122.dynamic.qsc.de [92.195.15.122]) by mx01.qsc.de (Postfix) with ESMTP id 8974A3CECA; Thu, 27 Jun 2013 04:58:35 +0200 (CEST) Received: from r56.edvax.de (localhost [127.0.0.1]) by r56.edvax.de (8.14.5/8.14.5) with SMTP id r5R2wfgC001919; Thu, 27 Jun 2013 04:58:41 +0200 (CEST) (envelope-from freebsd@edvax.de) Date: Thu, 27 Jun 2013 04:58:41 +0200 From: Polytropon To: ASV Subject: Re: A very 'trivial' question about /root Message-Id: <20130627045841.7cdff648.freebsd@edvax.de> In-Reply-To: <1372282481.3268.27.camel@blackfriar.inhio.eu> References: <1372282481.3268.27.camel@blackfriar.inhio.eu> Organization: EDVAX X-Mailer: Sylpheed 3.1.1 (GTK+ 2.24.5; i386-portbld-freebsd8.2) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Cc: freebsd-questions X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list Reply-To: Polytropon List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 Jun 2013 02:58:38 -0000 On Wed, 26 Jun 2013 23:34:41 +0200, ASV wrote: > There's any reason (and should be a fairly good one) why the /root > directory permissions by default are set to 755 (for sure on releases > 8.0/8.1/9.0/9.1)???? This is the default permission for user directories, as root is considered a user in this (special) case, and /root is its home directory. The installer does not put anything "secret" in there, but _you_ might, so there should be no issue changing it to a more restricted access permission. Hint: When a directory is r-x for "other", then it will be indexed by the locate periodic job, so users could use the locate command (and also find) to look what's in there. If this is not desired, change to rwx/---/---, or rwx/r-x/--- if you want to allow (trusted) users of the "wheel" group to read and execute stuff from that directory (maybe homemade admin scripts in /root/bin that should not be "public"). There are few things that touch /root content. System updating might be one of them, but as it is typically run as root (and even in SUM), restrictive permissions above the default are no problem. To summarize the answer for your question: It's just the default. :-) -- Polytropon Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ...