Date: Thu, 13 Dec 2001 12:36:18 -0500 (EST)
From: Matt Piechota <piechota@argolis.org>
To: Haikal Saadh <wyldephyre2@yahoo.com>
Cc: <security@FreeBSD.ORG>
Subject: Re: /etc/permissions
Message-ID: <20011213123158.R49226-100000@cithaeron.argolis.org>
In-Reply-To: <001701c183f7$da9170d0$69c801ca@warhawk>

On Thu, 13 Dec 2001, Haikal Saadh wrote:

> I just ran tiger on a 4.4R box today, and it mentioned that most of the
> files in /etc have perms that shouldn't be there...likewise, auscert's
> unix security checklist recommended removing world read perms from quite
> a few files. Have the permissions been overlooked, or is there some
> design issue that I've missed out on? Common sense dictates that the
> files in /etc/ should only be root accessible, right?

Not really. If I run 'ls -l', ls needs to be able to read passwd to
match the uids on the inode to a username. If I can't read the file
normally, ls (running as me) won't be able to either.

I'd imagine there are some things that could go without people being able to
read them, but to me that's just security by obscurity, and doesn't really
buy much, except making it harder to do system maintenance without being
logged in as root.

--
Matt Piechota
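
An added example, not part of the original message or of any FreeBSD tool: a small audit that separates files unprivileged programs must be able to read for id-to-name lookups (the reply's 'ls -l' case) from files that hold password hashes. The two name lists and the function names are assumptions based on a stock FreeBSD layout; only passwd is named in the thread.

```shell
#!/bin/sh
# Added example: classify the world-read bit on files in an etc-style directory.
# Both lists below are assumptions (stock FreeBSD layout), not from the thread.
LOOKUP_FILES="passwd group pwd.db"     # read by unprivileged tools for id -> name mapping
SECRET_FILES="master.passwd spwd.db"   # hold password hashes; expected to be root-only

world_readable() {
    # find prints the path only when the "other read" bit (004) is set
    [ -n "$(find "$1" -prune -perm -004 2>/dev/null)" ]
}

in_list() {
    # $1 = file name, remaining arguments = names to match against
    name=$1; shift
    for item in "$@"; do
        [ "$item" = "$name" ] && return 0
    done
    return 1
}

audit_etc() {
    dir=${1:-/etc}
    for path in "$dir"/*; do
        [ -f "$path" ] || continue
        base=${path##*/}
        if in_list "$base" $SECRET_FILES; then
            # a world-readable hash file is a real exposure
            world_readable "$path" && echo "EXPOSED $base"
        elif in_list "$base" $LOOKUP_FILES; then
            # without world read, 'ls -l' run by a normal user shows numeric ids
            world_readable "$path" || echo "LOOKUP-BROKEN $base"
        fi
    done
    return 0
}

# Run against a directory when one is given on the command line.
if [ "$#" -gt 0 ]; then
    audit_etc "$1"
fi
```

Files in neither list are left unreported, so the output is limited to the two cases where the world-read bit actually changes behaviour or exposure.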