What is Negative permissions

Frank Leonhardt frank2 at fjl.co.uk
Mon Sep 23 11:51:54 UTC 2013

On 23/09/2013 11:54, Leslie Jensen wrote:
> In the daily security run I see the following:
> Checking setuid files and devices:
> Checking negative group permissions:
> 3791965 -rwxr--r-x  1 admin  wheel  172 Mar  9 10:59:55 2011
>  /usr/home/admin/bin/noip_update.sh
> Is it just a reminder that the group has no x permissions or should I 
> give those permissions?

Yes, basically. It's obviously very odd to give everyone OTHER than 
:wheel members permission to run it. What about user root in group wheel 
- is root allowed to run it? Actually, yes, even though you might think 
you've forbidden members of "wheel".

Regards, Frank.

More information about the freebsd-questions mailing list