Re: Filesystem permissions

To: Noah Meyerhans <noahm@debian.org>
Cc: Debian Security List <debian-security@lists.debian.org>
Subject: Re: Filesystem permissions
From: Tim Haynes <debian@stirfried.vegetable.org.uk>
Date: 16 Jun 2001 10:59:33 +0100
Message-id: <[🔎] 86zob8lp8a.fsf@potato.vegetable.org.uk>
Reply-to: debian@stirfried.vegetable.org.uk
In-reply-to: <[🔎] 20010615162500.E24376@morgul.net> (Noah Meyerhans's message of "Fri, 15 Jun 2001 16:25:00 -0400")
References: <[🔎] 3B2A6D15.B89B2CF6@telusplanet.net> <[🔎] 20010615162500.E24376@morgul.net>

Noah Meyerhans <noahm@debian.org> writes:

> Why do you want to? If nobody can read /proc then they can't run things
> like 'ps'. That's not a good thing. /etc is a similar case. Depending on
> your installation, it's quite likely that there are things in /etc that
> *need* to be readable by a normal user.

Correct ;) I can think of `/etc/passwd' straight OTTOMH - a humble ls will
confuse all the users who can't see their own username straight.

If the OP wants to persist in this, he'll have to consider system daemons
as well; your MTA & MDA probably take a walk through /etc/ as user `mail',
maybe... Woops :)

~Tim
-- 
Clouds cross the black moonlight,           |piglet@stirfried.vegetable.org.uk
Rushing on down to the sound                |http://spodzone.org.uk/
of a turning world                          |

Reply to:

References:
- Filesystem permissions
  - From: Stefan Srdic <linuxbox@telusplanet.net>
- Re: Filesystem permissions
  - From: Noah Meyerhans <noahm@debian.org>

Prev by Date: moving groups
Next by Date: Re: moving groups
Previous by thread: Re: Filesystem permissions
Next by thread: Re: moving groups
Index(es):
- Date
- Thread