
Re: /root/ drwxr-xr-x? possible solution?



At 10:16 AM 8/8/2002 -0600, Georg Lehner wrote:
Hello!

On Wed, 07-08-2002 at 15:00, Loren Jordan wrote:
...

> The adduser package asks a question during the configuration phase of the
> install of that package.  It asks if you want "world readable" home
...

> I find it surprising that nobody has provided a patch to the specific part
> of the Debian install system to ask the question about root's directory and
> then make the required changes (chmod) if needed.

Well, YOU did not provide a patch, right? ;-)

Very true... I am happy to just do the chmod manually. If any of the maintainers for the affected packages respond back to my question, I might just whip up the patches. This is not something that I NEED, it's just a possible solution to keep the countless threads from popping up regarding this subject :)


> I personally chmod 700 /root on every one of my machines and don't worry
> about the default setting.  I would answer "NO" to the question asking if
> root's home directory should be world readable if that question were to be
> asked.

People tend to believe that you won't ever put *any* file into /root,
because you *never* log into the root account to "do" things.

I'm a little curious where root's custom home brew scripts should be put? I can't think of a good reason to make my own /usr/local/<something>. Many of my system maintenance scripts have private things in them like database passwords and such... Would root's ~/bin not be an acceptable place for this type of stuff? The names and contents of these files are not necessary information for any user on the machine (if any), so why not put them in a root:root owned, 700 mode dir such as /root/? I can and do chmod 700/500 or 100 these files just for the fun of it. Is it needed? Does it help? That is up for debate, just not here...


You use the sysadmins, or any other account, and use "su" the moment
you need root access.

What about the machines that have 0 "shell users", just the guy that keeps the box running? I use root for that so I don't need suid programs to run via cron to do automated system maintenance from a non-root user account. This keeps security simple as far as I am concerned. If I make these programs available to a user account (not root), I need to start messing with groups. The only reason to access these machines is to troubleshoot, which almost always requires reading logs, and I refuse to type sudo tail /var/log/<something> every time I need to see the log. I log in, look around, fix things and then exit. This is exactly what you recommend "su" for.

Please don't think that I have a problem with you having an 'operator' account that you 'sudo' or 'su' from. That's a good idea if you have many operators (more than 1) and want to keep track of who did what. In my situation, if somebody breaks the box, it was "ME" that did it so I slap my wrist and then fix the box.


The root account only exists, to give you a home when you go single user
and the like.

So starting to hide what should not be there means encouraging bad
practice.

Since when is having a directory only accessible by root a bad idea? It's not a good idea to make /etc/shadow world readable is it? I feel that it's ok to have the shadow file readable only by root and having /root/ only readable by root is ok too. They can/do? contain information that no user needs or even should NOT know.


However, for "single-user" installations things are different than for
Servers on the Internet, and Debian should not restrict itself by an
elite auto-perception of highly sophisticated unix administration.

Be careful with this assumption. I have several "single-user" machines that are servers on the internet. I use iptables to restrict ssh access to specific IP address blocks and have absolutely NO general user accounts. I ssh in as root, do what needs done and then log out. I don't mess around with things as these are production servers and I treat them as such. I have lots of accounts on my workstations and development servers. I do all sorts of things, including break things via user accounts as well as root on these machines because uptime is not important (for testing) and it causes no down time to any paying customers.


If there would be one more question with low priority in debconf, it'd
just be handy for a lot of users.  The default should be world-readable
root directories.

I agree that the default should be world readable on /root/. My needs require me to change that. Any administrator must take steps to secure their servers against bad customers/users. This requires making decisions that quite often require changing default settings in anything they may install. This even goes for M$ Windoze systems too (wow!). All systems must be audited and secured before being put into production in a secure and reliable manner.


Throw it in, and send the patch to the maintainer!  If they don't like
it, you can set up your unofficial utility package on any server, so
people who like it can download it from there.

The day I "need" this or if the maintainer of the package(s) affected replies to me, I might just whip up the patch (as noted above).


Best Regards,

        Jorge-León

Have a great day and remember that I am not demanding my opinions are the only ones that don't stink... :)

Loren
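
The point argued in the message above (a 700 directory hides maintenance scripts whatever their own modes are) can be checked mechanically. The following is an added example, not code from either poster or from any Debian package; the function names and the temporary directory used in the demo are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit an admin directory for files other users can reach.
# Assumes every ancestor of DIR (e.g. /) is traversable by everyone.

# world_can_enter DIR -> succeeds if "other" has the execute (search) bit on DIR
world_can_enter() {
    [ -n "$(find "$1" -prune -perm -001 -print)" ]
}

# world_readable_files DIR -> prints regular files under DIR that an
# unprivileged user could open for reading. Any directory without o+x
# (DIR itself included) is pruned: nothing below it is reachable, even
# if the files inside are mode 644.
world_readable_files() {
    find "$1" -type d ! -perm -001 -prune -o -type f -perm -004 -print | sort
}

# audit DIR -> one-line verdict plus the exposed files, if any
audit() {
    if world_can_enter "$1"; then
        echo "$1: reachable by other users; exposed files:"
        world_readable_files "$1" | sed 's/^/  /'
    else
        echo "$1: not reachable by other users"
    fi
}

# Demo on a constructed stand-in for /root (sample data, not a real secret).
demo() {
    d=$(mktemp -d) || return 1
    mkdir "$d/bin"
    printf 'DB_PASS=constructed-sample\n' > "$d/bin/backup.sh"
    chmod 755 "$d" "$d/bin"
    chmod 644 "$d/bin/backup.sh"
    audit "$d"          # default-style 755 directory: script is exposed
    chmod 700 "$d"      # the manual fix described in the message
    audit "$d"          # same 644 script, no longer reachable
    rm -rf "$d"
}
demo
```

The check is mode-based, so it gives the same answer whether it is run as root or as an ordinary user who owns the directory.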


