[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: potato /root permissions?



On Tue, 29 Feb 2000 sharkey@ale.physics.sunysb.edu wrote:

> > Note the 'grins' and ':)' in my comment. Obviously, it's of dubious merit.
> 
> Obviously, I should have included more ":)"'s in my own message.
>  
> > > Are you also worried that /var/log is not 700, too?
> > 
> > Extremely, because I am the total idiot that you are treating me like.
> 
> Paul, I don't think you are an idiot, and, I wasn't trying to treat you like
> one.  If you have been offended by anything I've said, please accept my
> apologies.

Not offended. Apology accepted. But I will admit to being an idiot at
times.

>  
> > I merely posted this because I noticed it and wasn't sure if there were
> > intentional changes involved along the way from slink to potato. This is
> > the testing list. I did get one off-list reply saying that his potato and
> > woody systems had /root as 700.
> 
> But were they systems that had been installed as potato/woody, or slink and
> then upgraded?
> 
> I have yet to do a from-scratch potato install.

I'll be watching it both ways - scratch and upgrade. I was starting do do
a slink install tonight and got too many phone calls to get much done.
 
> > The issue here is whether this is the expected behavior and if so whether
> > it should also apply to upgrades from previous releases. Is it a bug or
> > not?
> 
> Honestly, I don't know.  I merely replied to your post to point out that
> there's a high chance that this is by design and not accident.  Since slink
> was the only release that ever shipped with /root as 700, potato installing
> it as 755 is merely a return to earlier (and, to me, marginally preferable)
> policy.

Whatever the case, I would hope people are well-informed so they can
change it to meet local needs. There are some sysadmins who don't think
users need to be doing stuff like 'grep userdel /root/.bash_history'.
Maybe not the best example but there are probably some better ones. Just
the idea of users being able to snoop like that makes some sysadmins very
nervous.

+----------------------------------------------------------------------+
+ Paul Wade                         Greenbush Technologies Corporation +
+ mailto:paulwade@greenbush.com              http://www.greenbush.com/ +
+----------------------------------------------------------------------+


--  
To UNSUBSCRIBE, email to debian-testing-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org


Reply to: