From owner-freebsd-stable Wed Apr 15 12:25:39 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id MAA16717 for freebsd-stable-outgoing; Wed, 15 Apr 1998 12:25:39 -0700 (PDT) (envelope-from owner-freebsd-stable@FreeBSD.ORG) Received: from set.spradley.tmi.net (set.spradley.tmi.net [207.170.107.99]) by hub.freebsd.org (8.8.8/8.8.8) with SMTP id TAA16708; Wed, 15 Apr 1998 19:25:30 GMT (envelope-from tsprad@set.spradley.tmi.net) Received: from localhost (set.spradley.tmi.net) [127.0.0.1] by set.spradley.tmi.net with esmtp (Exim 1.82 #2) id 0yPXnd-0004WJ-00; Wed, 15 Apr 1998 14:24:49 -0500 X-Mailer: exmh version 2.0zeta 7/24/97 To: dima@best.net cc: trost@cloud.rain.com (Bill Trost), stable@FreeBSD.ORG, freebsd-security@FreeBSD.ORG Subject: Re: kernel permissions In-reply-to: Your message of "Wed, 15 Apr 1998 09:52:58 PDT." <199804151652.JAA00719@burka.rdy.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Wed, 15 Apr 1998 14:24:48 -0500 From: Ted Spradley Message-Id: Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk > > As for the world read permissions: Removing the read permissions seems > > like a gratuitious pseudo-security change. Is there any reason to > > prevent users from reading the kernel? Presumably, /usr/src/sys is > > In some case I don't want my users to read a kernel name list. > > > readable anyhow, so a person could build their own kernel with the same > > configuration, so they may as well just copy the running one. > > You do not always have /usr/src/sys on your machine. Especially > on a production enviroment. You can change the permissions any way you like on your machine. Users who are knowledgeable enough to worry about know where they can find the sources. To me, this is just gratuitous change for the sake of change. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message