Re: potato /root permissions?

To: paulwade@greenbush.com
Cc: Dale Scheetz <dwarf@polaris.net>, debian-testing@lists.debian.org
Subject: Re: potato /root permissions?
From: sharkey@superk.physics.sunysb.edu
Date: Tue, 29 Feb 2000 00:22:19 +0900
Message-id: <m12PS04-000sLVC@lbscissors.kek.jp>
In-reply-to: Your message of "Mon, 28 Feb 2000 09:59:50 EST." <Pine.LNX.3.96.1000228094853.12036A-100000@ns1.greenbush.com>

> That could be. But didn't they have a proper umask in /root/.bashrc?

Depends on what you mean by proper.

> I just went into /root on the system and did 'touch test'. It created it
> with mode 644.

So?  That sounds fine to me.  Are you planning on having a file
/root/HERE_IS_THE_ROOT_PASSWORD_FOR_THIS_MACHINE or something?

> Just for grins I created public_html to see if apache would accept /~root
> and it did. So this potato system makes it easy for the superuser to have
> a personal home page :)

Ok, it's of dubious merit, yet, I fail to see it as a serious security hole.
You should not be storing confidential files in /root/public_html.

In general, files should be world readable, unless there is some explicit
reason for them not to be.

Are you also worried that /var/log is not 700, too?

Eric


--  
To UNSUBSCRIBE, email to debian-testing-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to:

Follow-Ups:
- Re: potato /root permissions?
  - From: <paulwade@greenbush.com>

References:
- Re: potato /root permissions?
  - From: <paulwade@greenbush.com>

Prev by Date: Re: potato /root permissions?
Next by Date: Re: potato /root permissions?
Previous by thread: Re: potato /root permissions?
Next by thread: Re: potato /root permissions?
Index(es):
- Date
- Thread