
Re: file permissions in /etc



* Evan Moore said:
> I have been reading about securing my Linux box and it mentions making
> /etc readable only by root. Would this mess up anything by making
> all of the /etc file permissions 600?
Hmm... Is it a Microsoft Security Bulletin you've been reading? :)))
Seriously, "securing" /etc in that way would break some 80% of programs out
there on your Linux box. Take /etc/passwd for one - (g)libc looks up users
in that file (unless you use the DB databases), /etc/group - ditto,
/etc/services, /etc/Muttrc, shell global startup scripts and dozens and
dozens of others. Making /etc 600 is an excellent example of "security by
obscurity" - a very poor security measure. There *are* config files which
should be readable only by root and are used only by programs running as
root. There are also files which are read only by a specific program run
with a specific user's rights. These you can make 600 and chown to the user
that has to access them. If you really insist on hiding the contents of the
/etc directory from an average user and still allowing the programs to
access their config files, set the /etc permissions to 711.

marek
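
The mode-bit reasoning in the reply above, as an added example that is not part of the original post: it computes what a user who is neither owner nor group member can do under a 711 directory versus files set to 600. The function names and the temporary directory standing in for /etc are constructed for illustration; ACLs and parent-directory permissions are ignored.

```python
import os
import shutil
import stat
import tempfile

def other_access(dir_mode, file_mode):
    """Rights of the 'other' class, derived from the permission bits alone."""
    can_list = bool(dir_mode & stat.S_IROTH)    # r on a directory: read its entries (ls)
    can_enter = bool(dir_mode & stat.S_IXOTH)   # x on a directory: resolve a name inside it
    return {"list": can_list,
            "open_by_name": can_enter and bool(file_mode & stat.S_IROTH)}

def build_sample(dir_mode, file_modes):
    """Constructed stand-in for /etc: empty files created with the given modes."""
    root = tempfile.mkdtemp(prefix="fake-etc-")
    for name, mode in file_modes.items():
        path = os.path.join(root, name)
        open(path, "w").close()
        os.chmod(path, mode)
    os.chmod(root, dir_mode)
    return root

def audit(root):
    """Map each file under root to what an unprivileged 'other' user may do."""
    dir_mode = stat.S_IMODE(os.stat(root).st_mode)
    return {name: other_access(dir_mode,
                               stat.S_IMODE(os.stat(os.path.join(root, name)).st_mode))
            for name in sorted(os.listdir(root))}

def scenario(dir_mode, file_modes):
    """Build the sample tree, audit it, and clean up."""
    root = build_sample(dir_mode, file_modes)
    try:
        return audit(root)
    finally:
        shutil.rmtree(root)

# Constructed modes: public lookup files stay 644, a root-only file is 600.
SANE = {"passwd": 0o644, "group": 0o644, "services": 0o644, "shadow": 0o600}
ALL_600 = {name: 0o600 for name in SANE}

if __name__ == "__main__":
    for label, dmode, fmodes in [("dir 755, sane files", 0o755, SANE),
                                 ("dir 711, sane files", 0o711, SANE),
                                 ("dir 755, all files 600", 0o755, ALL_600)]:
        print(label)
        for name, rights in scenario(dmode, fmodes).items():
            print(f"  {name:9} list={rights['list']!s:5} open={rights['open_by_name']}")
```
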
