Hello, First of all, I'd like to say that, yes, I know this was discussed before, but no consensus was reached and the thread died. (Or at least, the one I found by doing a quick Google search) Back to the issue at hand, the default permissions on /root/, which, at the moment, are 755. IMHO, this is a possible security problem and it should be set to, at least, 750 (thus allowing users in the wheel group to access it). The reason behind this is simple, root is the system administrator account, it should not be used for anything but that. So, everything in /root/ is related, strictly to the task of administering the machine, thus, off limits for the average luser. A comparison between said average lusers' home dirs and /root/ isn't appropriate since, again, you should only use root for administration tasks and not for sharing files and what not, which is what (or at least, the way I understand it) why the normal users' home dirs are 755. Furthermore, I do believe the principle of least astonishment applies here. I expect root's files, in root's home, to be readable _only_ by root. Arguments against 750? A sysadmin should know what he's doing and chmod sensitive files so that nobody can read them. As a side note, while discussing this, somebody asked "what's stopping you from doing a 'chmod 750 /root/'". I think the answer is that Debian shouldn't be broken, by default and rely on the system administrator to fix it. That being said, should I file a bug against base-files? P.S. Please preserve the CC: on the replies sent to the list. Thank you. -- Regards, Birzan George Cristian
Attachment:
pgp9Z4Plar7_E.pgp
Description: PGP signature