More secure permissions for /root and /etc/sysctl.conf
Gary Jennejohn
gljennjohn at gmail.com
Wed Jan 29 09:53:29 UTC 2020
On Wed, 29 Jan 2020 10:26:31 +0100
Gordon Bergling via freebsd-hackers <freebsd-hackers at freebsd.org> wrote:
> Hi,
>
> I recently stumbled upon the default world readable permissons of /root and
> /etc/sysctl.conf. I think that it would be more secure to reduce the default
> permission for /root to 0700 and to 0600 for /etc/sysctl.conf.
>
> I prepared a differtial for the proposed change:
> https://reviews.freebsd.org/D23392
>
> What do you think?
>
I think that changing the permissions on / would defeat the purpose of
/etc/devd.conf and then adding users to certain groups in /etc/group
to make devices usable without having to escalate to root rights.
--
Gary Jennejohn
More information about the freebsd-hackers
mailing list