Date: Wed, 7 May 2008 19:16:58 +0200 From: "Norman Maurer" <norman@apache.org> To: freebsd-questions@freebsd.org Subject: Fwd: Question about a recent installation Message-ID: <75bda7a00805071016ncc40af6m847dbef0f1baf33@mail.gmail.com> In-Reply-To: <75bda7a00805071016u2bb3428x46bdfcb87e0cfdd7@mail.gmail.com> References: <BAY116-W17A5A3949FDC57B6F92DB7F4D60@phx.gbl> <75bda7a00805071016u2bb3428x46bdfcb87e0cfdd7@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
---------- Forwarded message ---------- From: Norman Maurer <norman@apache.org> Date: 2008/5/7 Subject: Re: Question about a recent installation To: Mario Vazquez <mario_vazq@hotmail.com> 2008/5/6 Mario Vazquez <mario_vazq@hotmail.com>: > > On May 5, 2008, at 6:17 PM, doug wrote: > > > > To give limited priviledges I think sudo (as in linux??) would be > > used. > > > I concur that sudo is really a very good way of managing privileges. > I don't even know the root passwords on the systems that I administer > (OK, I do have them stored in a nice secured place if I ever do need > them). > > Cheers, > > -j > > > ---------------------------------- > > In fact, I use sudo for managing too. My question is not about sudo itself, it's about the possible risks (if any) of having a default installation (FreeBSD7-RELEASE) which assigns ownership of the root folder to root:wheel, thus allowing anyone with wheel privileges be able to see (and copy btw) root folder contents. > I still not get the point.. If the files are create the default is a umask of 022 anway. So if you want to protect your files in the root folder to get accessed, use umask 066 and maybe chmod 700 /root. Cheers Norman
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?75bda7a00805071016ncc40af6m847dbef0f1baf33>