More secure permissions for /root and /etc/sysctl.conf

[David Wolfskill]

On Wed, Jan 29, 2020 at 10:26:31AM +0100, Gordon Bergling via freebsd-hackers wrote:
> Hi,
> 
> I recently stumbled upon the default world readable permissons of /root and 
> /etc/sysctl.conf. I think that it would be more secure to reduce the default
> permission for /root to 0700 and to 0600 for /etc/sysctl.conf.
> 
> I prepared a differtial for the proposed change:
> https://reviews.freebsd.org/D23392
> 
> What do you think?
> 
> Best regards,
> 
> Gordon
> ...

On Wed, Jan 29, 2020 at 12:41:30PM +0100, Wojciech Puchar wrote:
> ...
> fully agree. i do it manually every time i build new system to create
> tarfiles
> ....

For counterpoint, as well as a reminder of the "tools, not policy"
catchphrase, I disagree, as I believe that doing so would increase the
frequency of a need to escalate privilege merely to read (e.g.)
configuration information that is not particularly "secret."

For example, I have encountered systems where the administrator had
/etc/rc.conf not-world-readable; I was needing to obtain root privilege
way too often just to read the file... thus, for merely testing a new
rc.d script (in a mode where it would merely report what it would have
otherwise done).  I submit that this does rather the opposite of
"enhancing" security.

I have no objection to providing a knob to adjust such a thing for a
local configuration, and folks who want it can select it, while those
who don't, need not do so.

Peace,
david
-- 
David H. Wolfskill				david at catwhisker.org
"Now, with me, there's no lying." -- Donald J. Trump   ["??!?" -- me]

See http://www.catwhisker.org/~david/publickey.gpg for my public key.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 618 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/freebsd-hackers/attachments/20200129/652d68a6/attachment.sig>