
Re: rwxr-xr-x /root



On Sat, Nov 11, 2000 at 05:54:16PM +0100, Josip Rodin wrote:
> On Sat, Nov 11, 2000 at 04:15:19PM +0100, Robin Putters wrote:
> > First of all, I don't know if this is the right list to send this question
> > to. If not, please don't hurt me :).
> > 
> > After I had installed potato, I noticed that my /root had its permissions
> > set to 755. I thought I did something wrong, but I decided to have a look at
> > base2_2.tgz. The permissions are 755 in that package too.
> > Why on earth would you want to have your root's homedir world-readable? It
> > sounds like a serious security issue to me.
> 
> In theory, having the directory readable to others shouldn't hurt because
> root should guard his files just like any other user. Having it unreadable
> to others can be declared security through obscurity, and Debian in general
> doesn't do that.
> 
> In practice, it's a bad idea because roots can be careless just like other
> users, and then it affects the whole system... the default installation
> should try to protect the user from himself.
> 
> Bug report about this has already been filed.

Of course, then there's the fact that there's really no reason for root
to HAVE files; others may disagree w/ me, but honestly, why would you
need to?  You should be doing things like compiling tarballs as a normal
user, and sudo'ing to make install.  The only files that would be owned
by root would be in places other than /root and /home.  Of course, if
you're not using sudo, and regularly logging in as root, then you're
probably not too concerned with security to begin with..

This is all IMHO.  No flamewars w/ people who prefer normal su, please ;)
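
The 755-versus-700 argument in this thread, as a check an administrator can run (an added example, not part of the original messages). The function names `exposed_files` and `audit_home` are hypothetical, and only the directory given is inspected, not its parents.

```shell
#!/bin/sh
# Added example: names and return codes below are assumptions of this sketch.

# Print every regular file under DIR that "other" can actually read:
# the file has o+r AND every directory from DIR down to it has o+x.
# A directory without o+x is pruned, so a mode-700 DIR yields nothing.
exposed_files() {
    find "$1" -type d ! -perm -001 -prune -o -type f -perm -004 -print
}

# audit_home DIR
#   returns 0: DIR is closed to others (e.g. 700); file modes inside are moot
#   returns 1: DIR is open (e.g. 755), but no file inside is world-readable
#   returns 2: DIR is open and careless file modes are exposed to every user
#   returns 3: DIR is not a directory
audit_home() {
    dir=$1
    [ -d "$dir" ] || { echo "not a directory: $dir" >&2; return 3; }

    # -prune limits this test to DIR itself; -perm -001 is "other may traverse"
    if [ -z "$(find "$dir" -prune -perm -001)" ]; then
        echo "OK: $dir is closed to others"
        return 0
    fi

    list=$(exposed_files "$dir")
    if [ -z "$list" ]; then
        echo "WARN: $dir is open to others; no file inside is world-readable"
        return 1
    fi

    echo "EXPOSED: world-readable files reachable under $dir:"
    printf '%s\n' "$list"
    return 2
}

# Run against a directory when one is given, e.g. as root: sh audit.sh /root
if [ "$#" -gt 0 ]; then
    audit_home "$1"
fi
```

Return code 1 is the "in theory" case from the thread and return code 2 the "in practice" one: the same careless 644 file is harmless under a 700 directory and readable by everyone under 755.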




