[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: potato /root permissions?

> That could be. But didn't they have a proper umask in /root/.bashrc?

Depends on what you mean by proper.

> I just went into /root on the system and did 'touch test'. It created it
> with mode 644.

So?  That sounds fine to me.  Are you planning on having a file

> Just for grins I created public_html to see if apache would accept /~root
> and it did. So this potato system makes it easy for the superuser to have
> a personal home page :)

Ok, it's of dubious merit, yet, I fail to see it as a serious security hole.
You should not be storing confidential files in /root/public_html.

In general, files should be world readable, unless there is some explicit
reason for them not to be.

Are you also worried that /var/log is not 700, too?


To UNSUBSCRIBE, email to debian-testing-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to: