Re: /root/ drwxr-xr-x? possible solution?
Either /root as 755 is a problem, and everyone should run
around 'chmod 700 root'-ing, or 755 is not a problem, and
this discussion is dumb. There is no middle ground where a
new installation should ask - if it's not dangerous, don't
ask. If it /is/ dangerous, don't ask. It's the dumb users
you're trying to protect, and you shouldn't ask dumb users
If 755 root were a problem, I'd expect to find it mentioned
in the securing-debian-howto. It's not, at least on my grep
for "root" and "permission". There's no bug against
harden-doc, which is the package containing the howto, or
against harden, which is the source package. I assume that
the rest of the harden packages don't change permissions or
warn about /root.
I would much prefer that the community started a discussion
about making security the default on any of the /actual/
security issues listed in the securing-debian-howto, for
example, disabling remote root login, or making sure the
system is kept up-to-date with security patches.
In the interest of brevity,
Now back to your regularly scheduled "I just noticed I can
remove a file I don't have write permission on" security