Re: Bug#72327: boot-floppies: doesn't install .bash_logout for root (fwd)
On Wed, Sep 27, 2000 at 02:35:34PM +0200, Matthias Klose wrote:
> > > > Well, this is security throught obscurity, and I don't think we
> > > > should encourage it. Privacy and security should be different
> > > > things. While I agree we should fix every security hole, I don't
> > > > think we should impose a default privacy policy. If we did what you
> > > > suggest, we should change default mode for directories in /home to
> > > > be 750 or something alike.
> > > >
> > > > I think the lack of a .bash_logout file is in line with /home
> > > > directories being 755 by default and other non-privacy defaults in
> > > > Debian, if we decide to change one of them we would have to change
> > > > them all.
> > >
> > > But this is a wee bit different. This is the _root_ account. Its home
> > > directory, /root, is mode 700. Admin is a special kind of user, and his
> > > security/privacy policies are special.
> >
> > Are you sure?
> >
> > $ tar ztvf base2_2.tgz | awk '$6 == "./root/" '
> > drwxr-xr-x root/root 0 2000-07-05 19:47:09 ./root/
>
> maybe this changed. At least a have some slink boxes where 700 was the
> default.
Indeed, this changed, and that's not good. Why was this gratuitous change
made?
--
Digital Electronic Being Intended for Assassination and Nullification
Reply to: