Fwd: Question about a recent installation
freebsd-questions-local at be-well.ilk.org
Wed May 7 17:32:50 UTC 2008
"Norman Maurer" <norman at apache.org> writes:
> ---------- Forwarded message ----------
> From: Norman Maurer <norman at apache.org>
> Date: 2008/5/7
> Subject: Re: Question about a recent installation
> To: Mario Vazquez <mario_vazq at hotmail.com>
> 2008/5/6 Mario Vazquez <mario_vazq at hotmail.com>:
> > On May 5, 2008, at 6:17 PM, doug wrote:
> > > To give limited priviledges I think sudo (as in linux??) would be
> > > used.
> > I concur that sudo is really a very good way of managing privileges.
> > I don't even know the root passwords on the systems that I administer
> > (OK, I do have them stored in a nice secured place if I ever do need
> > them).
> > Cheers,
> > -j
> > ----------------------------------
> > In fact, I use sudo for managing too. My question is not about
> sudo itself, it's about the possible risks (if any) of having a
> default installation (FreeBSD7-RELEASE) which assigns ownership of the
> root folder to root:wheel, thus allowing anyone with wheel privileges
> be able to see (and copy btw) root folder contents.
> I still not get the point.. If the files are create the default is a
> umask of 022 anway. So if you want to protect your files in the root
> folder to get accessed, use umask 066 and maybe chmod 700 /root.
Perhaps more to the point of the question, there is nothing in /root
on a default system which has any need of being kept secret.
Lowell Gilbert, embedded/networking software engineer, Boston area
More information about the freebsd-questions