More secure permissions for /root and /etc/sysctl.conf
Ryan Stone
rysto32 at gmail.com
Wed Jan 29 15:15:48 UTC 2020
On Wed, Jan 29, 2020 at 4:26 AM Gordon Bergling via freebsd-hackers
<freebsd-hackers at freebsd.org> wrote:
>
> Hi,
>
> I recently stumbled upon the default world readable permissons of /root and
> /etc/sysctl.conf. I think that it would be more secure to reduce the default
> permission for /root to 0700 and to 0600 for /etc/sysctl.conf.
I don't see the point in making this change to sysctl.conf. sysctls
are readable by any user. Hiding the contents of sysctl.conf does not
prevent unprivileged users from seeing what values have been changed
from the defaults; it merely makes it more tedious.
More information about the freebsd-hackers
mailing list