
Re: Permissions on /root/



On Sat, Mar 08, 2003 at 07:19:44PM +0100, Christian Jaeger wrote:
> Call me paranoid:) 

Yes, but if you're so paranoid, why not add another layer of protection,
by making /root/ 700?

> I meant, if /root is world-readable, then you can still make a 
> subdirectory which is not (i.e. I have a /root/tmp which is 0700). If 
> /root is not world-readable, then it can never contain stuff to be 
> used by other users.
 
This would be the default setup, not the mandatory one. Administrators
could change it to whatever they want. As I said in a previous email,
the fact that it doesn't work is going to be pretty obvious, as
opposed to noticing that because you were sloppy once, somebody read
something they shouldn't have.

> I don't because:
> - I'm promoting my /root/{bin,...} solution for colleagues as well, 
> and we share scripts in those directories. They would have to include 
> the bin/ subdirectory of my home dir on the machines we share.
> - the scripts under /root/* are owned by root. If OTOH I'm executing 
> the $HOME/bin/ scripts of another user and his account is 
> compromised, root would be as well.
> - in my own non-root ~/bin/ are scripts that are really specific to 
> me, no one else. (And sometimes I start writing new scripts there, 
> until they are ready for everyone to be used, at which point I'm 
> moving and chown'ing them to root.)

Okay, bad example. Maybe /opt/{bin,...}? Or even /opt/mystuff/{bin,...},
if you still want to be able to tar them up easily. (arguably, this
would be easily accomplished by an alias, tarstuff will tar up
/opt/{bin,...})

The least that could be done would be to _ask_ the user which he prefers.
As I said, there are people who aren't aware of this. Others may, as I
said, get sloppy, being used to, say, RedHat, which has it 750. I'm not
saying they're not to blame, I'm just saying they should be educated.

And if all else fails, all other things being equal, I think we should
look at which of the two scenarios is more likely to occur. How many
administrators actually use the directory structure you suggested?
(which, imho, is not FHS compliant, so it can't really constitute an
argument in 755's favour...)

-- 
Regards,
Birzan George Cristian
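The traversal point argued over above (a 0700 /root hides everything beneath it, whatever the children's own modes, while a 0755 /root still allows a private 0700 subdirectory) as an added audit helper; this is example code, not part of the thread, and it assumes GNU `stat -c '%a'`:

```shell
#!/bin/sh
# Added example (not from the thread): classify how "others" (a user who is
# neither the owner nor in the group) can use entries directly under a
# directory such as /root. The parent's search (x) bit decides reachability
# by path; the child's own mode only matters once the parent lets you in.

# Decode the "others" permission bits (0..7) from an octal mode such as 755.
others_bits() {
    echo $(( 0$1 & 7 ))
}

# classify PARENT_MODE CHILD_MODE -> one word describing access for "others".
classify() {
    p=$(others_bits "$1")
    c=$(others_bits "$2")
    if [ $(( p & 1 )) -eq 0 ]; then
        # No search bit on the parent: nothing below is reachable by path,
        # so a world-readable child here is shadowed, not shared.
        if [ "$c" -ne 0 ]; then echo blocked-by-parent; else echo private; fi
    elif [ "$c" -eq 0 ]; then
        echo private
    else
        echo reachable
    fi
}

# audit DIR: print "path mode classification" for each entry directly in DIR.
# Assumes GNU stat; BSD/macOS would need `stat -f '%Lp'` instead.
audit() {
    dir=$1
    pmode=$(stat -c '%a' "$dir")
    for entry in "$dir"/* "$dir"/.[!.]*; do
        [ -e "$entry" ] || continue
        cmode=$(stat -c '%a' "$entry")
        printf '%s %s %s\n' "$entry" "$cmode" "$(classify "$pmode" "$cmode")"
    done
}

# Usage: audit /root   (as root, or point it at any directory you own)
```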
