[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: /root/ drwxr-xr-x? possible solution?

Sorry for posting to 2 lists at the same time here.

It appears that there is very little progress towards a solution on this so I figured I would chime in with my $0.02 on the subject.

The adduser package asks a question during the configuration phase of the install of that package. It asks if you want "world readable" home directories for users on that system. This assumes that you use "adduser" rather than the standard "useradd" command.

I find it surprising that nobody has provided a patch to the specific part of the Debian install system to ask the question about root's directory and them make the required changes (chmod) if needed.

Is this something that could/would be added to Debian 3.0r1 or is it a waste of time to worry about until Sarg goes stable?

I personally chmod 700 /root on every one of my machines and don't worry about the default setting. I would answer "NO" to the question asking if root's home directory should be world readable if that question were to be asked.

To the people that maintain the packages affected by my above suggestion, would a patch supplied with a wishlist bug be used in woody+1 or is this something that must continue to be fixed with a simple chmod command?

Are there any other ideas on how to "fix" the problem without demanding a different default setting? I belive that this setting should be configurable because it seems that "everybody" will not be happy with the "default" setting no matter what it is.


At 05:35 AM 8/8/2002 +1000, Jason Lim wrote:

> On Wed, Jul 31, 2002 at 11:39:02PM +0200, Peter Palfrader wrote:
> > On Wed, 31 Jul 2002, Thomas -Balu- Walter wrote:
> >
> > > # ls -lad /root/
> > > drwxr-xr-x    9 root     root         4096 Jul 31 18:25 /root/
> > >
> > > I wonder if /root/ shouldn't be accessible by root only per default?
> > > in which package can I find this one? Should I make a bug-report or
> > > you think this is normal? (It might be some kind of SuSE-remembrance
> > > from earlier days ;)
> >
> > This is not the first time this comes up.
> >
> > short version: /root 755 is no security risk and it wont get changed
> >                either. If you want, set it to 0700 on your box.
> > long version: search the list archives (both -user and -devel will


Reply to: