From owner-freebsd-hackers  Thu Sep  6  0:40:10 2001
Delivered-To: freebsd-hackers@freebsd.org
Received: from relay1.ntu-kpi.kiev.ua (www.ntu-kpi.kiev.ua [212.111.192.161])
	by hub.freebsd.org (Postfix) with ESMTP id CC98037B406
	for <freebsd-hackers@freebsd.org>; Thu,  6 Sep 2001 00:40:00 -0700 (PDT)
Received: from comsys.ntu-kpi.kiev.ua (eth0.comsys.ntu-kpi.kiev.ua [10.0.1.184])
	by relay1.ntu-kpi.kiev.ua (Postfix) with ESMTP id 065922EEC5
	for <freebsd-hackers@freebsd.org>; Thu,  6 Sep 2001 10:39:56 +0300 (EEST)
Received: from pm5149 (pm514-9.comsys.ntu-kpi.kiev.ua [10.18.54.109])
	by comsys.ntu-kpi.kiev.ua (8.11.3/8.11.3) with SMTP id f867YBF40647
	for <freebsd-hackers@freebsd.org>; Thu, 6 Sep 2001 10:34:11 +0300 (EEST)
Message-ID: <004f01c1369d$5fc07ba0$6d36120a@comsys.ntukpi.kiev.ua>
From: "Andrey Simonenko" <simon@comsys.ntu-kpi.kiev.ua>
To: <freebsd-hackers@freebsd.org>
Subject: Permissions on /root directory and /etc/mtree/BSD.root.dist
Date: Thu, 6 Sep 2001 10:30:08 +0400
MIME-Version: 1.0
Content-Type: text/plain;
	charset="koi8-r"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 5.00.2014.211
X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2014.211
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-hackers.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-hackers>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-hackers>
X-Loop: FreeBSD.ORG

Hi All,

I have one idea about permissions on /root directory and
permissions on /root directory specified in the /etc/mtree/BSD.root.dist
file.

After finishing FreeBSD installating process permissions
on /root directory are equal to 0755. Some administrators don't
like these permissions for home dir of root and changed them
to 0700, or to 0750, or to any other permissions.

0700 mode restricts other users from reading /root directory.
When root wants to upgrade system he/she run "make buildworld",
"make installworld". But installworld calls mtree, which changes
/root permissions to default value specified in the /etc/mtree/BSD.root.dist
file. So, if administrator will not forgot about needed permissions
on /root, then installworld will open /root directory for reading
for everybody.

I propose not to change permissions on /root directory in
the /etc/mtree/BSD.root.dist file and leave them unchanged.

Comments?



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message