[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Fixing file system privileges

On Mon, May 13, 2002 at 04:22:19PM +0200, Kovacs Istvan wrote:
> Hi,
> I ended up with an awk one-liner (like those proposed here). I also had
> to run MAKEDEV to fix device permissions, and then fix several files
> manually (e.g. sshd will not start with keys being world readable). I
> did an 'ls -lR /' on my home machine, then wrote a script (in rexx,
> sorry, I'm not familiar with shell script and perl) to adjust access
> rights based on the flags in the ls output. That should have got 99% of
> files right. I also have a backup of /etc on tape.
> Thanks for the help,
> Kofa

 There will probably be a lot of other files that are still world readable
but shouldn't be, but nothing complains about them.  log files, /etc/shadow,
mail spools, and crontabs are four things that I can think of that should
be private.  I don't know if reinstalling packages fixes these or not, but I
would guess that it would not affect /etc/shadow.

 I would try to copy the permissions on everything from another Debian
system.  I don't have any suggestions for a good way to do that.
#define X(x,y) x##y
Peter Cordes ;  e-mail: X(peter@llama.nslug. , ns.ca)

"The gods confound the man who first found out how to distinguish the hours!
 Confound him, too, who in this place set up a sundial, to cut and hack
 my day so wretchedly into small pieces!" -- Plautus, 200 BCE

To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to: