Re: root's home world readable
Also, it doesn't take a Genius to change a mode. If you are going to put sensitive information into /root try this:
chmod 2770 /root -R
Phil
----- Original Message -----
From: "Francesco P. Lovergine" <frankie@debian.org>
To: "Debian-Security List" <debian-security@lists.debian.org>
Sent: Wednesday, February 27, 2002 5:52 PM
Subject: Re: root's home world readable
On Wed, Feb 27, 2002 at 09:40:05PM +0100, eim wrote:
> Well, that's *BSD security. :)
>
> I'll always thinking about installing some
> OpenBSD boxes in my network.
>
> gotta try. thanks for the tip.
>
> - Ivo
>
> On Fri, 2002-02-15 at 08:48, Sean Whitney wrote:
> > bash-2.05$ uname -a
> > OpenBSD www 3.0 GENERIC#27 sparc64
> >
> >
> > drwx------ 3 root wheel 512 Jan 24 22:19 root
> >
> >
> > Sean
> >
> >
> > On Thursday 14 February 2002 13:49, Jacques Lav!gnotte hammered on some keys:
> > > On Mon, Jan 21, 2002 at 07:54:03PM +0100, eim wrote:
> > > > Hallo debian-sec folks,
> > > >
> > > > While I was checking up some configurations,
> > > > I've noticed that the root's home directory /root
> > > > is world readable...
> > > >
> > > > $ drwxr-xr-x 2 root root 4.0k Jan 21 15:33 root
> > > >
> > > > This seems to be Debian's default configuration,
> > > > because also on other Potato boxes I've found that
> > > > same configuration.
> > > >
> > > > Well, as far as I can remember from the Slackware times,
> > > > root's home dir wasn't world readable by default.
> > >
> > > Hummmm.... let me see :
> > >
> > > $ uname -a
> > > NetBSD netbsd 1.5.2 NetBSD
> > >
> > > $ ls -la /root
> > > total 2276
> > > drwxr-xr-x 6 root wheel 512 Dec 12 22:31 .
> > >
> > >
> > > Huh :-)
Debian asks if home dirs should be word readable or not at installation time.
I assume this is true for root also.
--
Francesco P. Lovergine
--
To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: