file permission question
davidk at accretivetg.com
Fri Sep 24 08:50:01 PDT 2004
/etc/passwd (probably really /etc/pwd.db) are used for several user-land
programs including 'ls'. It's highly recommended that /etc/passwd stay
readable to the world.
Btw, the output of 'ps' can be easily reconstructed via access to the
/proc filesystem. You can unmount this partition, but ps will operate
With /proc unmounted, you can still get a process listing for everyone -
you can disable this by setting the sysctl kern.ps_showallprocs to 0.
On Mon, 1 Oct 2001, default wrote:
> I am allowing a couple of ppl to have a shell account on one of my machines,
> and I am making a few changes to disallow them from using certain things...
> like chmoding the 'ps' command to 550 etc...
> I wanted to ask, is there any reason why one wouldn't want to chmod to 640
> the passwd file and other similar files? ...
> To Unsubscribe: send mail to majordomo at FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message
To Unsubscribe: send mail to majordomo at FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
More information about the freebsd-questions