More secure permissions for /root and /etc/sysctl.conf
Ben Woods
woodsb02 at gmail.com
Sun Feb 2 01:46:25 UTC 2020
On Sun, 2 Feb 2020 at 03:05, Rodney W. Grimes <freebsd-rwg at gndrsh.dnsmgr.net>
wrote:
> c) The default for home directories in all the BSD's I looked at
> are 755.
>
> d) All distributions I looked at ship /root as 755. This would be
> FreeBSD as the odd man out.
>
I just spun up a few other BSD's to check this, and found the following for
/root permissions:
DragonFlyBSD 5.6.2 = 700
HardenedBSD build 104 = 755
NetBSD 9.0 RC1 = 755
OpenBSD 6.6 = 700
For what it's worth, I am broadly supportive of this because I see no
reason for /root to be world readable.
Given this change only affects new installations, I think the
"astonishment" can be reduced by including an entry in the release notes.
Regards,
Ben
More information about the freebsd-hackers
mailing list