Date: Sun, 20 Mar 2005 13:26:57 -0600 (CST) From: "H. S." <security@revolutionsp.com> To: freebsd-hackers@freebsd.org Subject: passwd & permissions Message-ID: <49296.81.84.174.5.1111346817.squirrel@mail.revolutionsp.com>
next in thread | raw e-mail | index | archive | help
Hey,
I'm using FreeBSD on various servers for many time now, and there is
something that always bothered me. It is related to /etc/passwd and
/etc/pwd.db permissions.
I have custom (0640) permissions on these files. However, each time a user
changes his/her password, the system will reset the password file
permissions back to the original (rw r r). I'm not much of a programmer,
but I tried to change passwd.c source to do a execl() at the end of the
file (calling chmod). After trying it, the permissions were reset anyway,
so I added a perror("execl") and it says permission denied. Should be
because passwd dropped privileges at that part of the program. I've
thought about a cron job to fix the permissions every X minutes, but I'd
like a more "clean" option to this.
Where in the system can I change the permission-reset behaviour ? This
also happens, for example, with /usr/local/sbin/ (rwx rx x are my
permissions) after I upgrade any port, it will be rwx rx rx , and
/usr/local/www too.
I've edited the mtree/ files as it sounded like a good lead, but the
behaviour remains.
What should I do ?
Thanks.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?49296.81.84.174.5.1111346817.squirrel>