Re: Fixing file system privileges
On Mon, May 13, 2002 at 04:22:19PM +0200, Kovacs Istvan wrote:
> Hi,
>
> I ended up with an awk one-liner (like those proposed here). I also had
> to run MAKEDEV to fix device permissions, and then fix several files
> manually (e.g. sshd will not start with keys being world readable). I
> did an 'ls -lR /' on my home machine, then wrote a script (in rexx,
> sorry, I'm not familiar with shell script and perl) to adjust access
> rights based on the flags in the ls output. That should have got 99% of
> files right. I also have a backup of /etc on tape.
>
> Thanks for the help,
> Kofa
There will probably be a lot of other files that are still world readable
but shouldn't be, but nothing complains about them. log files, /etc/shadow,
mail spools, and crontabs are four things that I can think of that should
be private. I don't know if reinstalling packages fixes these or not, but I
would guess that it would not affect /etc/shadow.
I would try to copy the permissions on everything from another Debian
system. I don't have any suggestions for a good way to do that.
--
#define X(x,y) x##y
Peter Cordes ; e-mail: X(peter@llama.nslug. , ns.ca)
"The gods confound the man who first found out how to distinguish the hours!
Confound him, too, who in this place set up a sundial, to cut and hack
my day so wretchedly into small pieces!" -- Plautus, 200 BCE
--
To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: