> > Welcome to the multi-user unix world.
>
> Ah, that's not entirely correct. On a properly installed Unix or Linux this
> will not happen. There the directories /etc and /root and a few others are
> not readable by regular users who all belong to the group user. But when the
> Cobalt OS was developed Cobalt sidestepped this security measure for a couple
> of obscure reasons.

I'm on a Raq3 at the moment, and root's home directory is set to 700 - I believe it was like this when I got it, though I may have changed it myself =).

More importantly, though, in my opinion, setting /etc to be readable only by root is one heck of a bad idea. Not all of the files in /etc are intended to be only read by root - it's a general dumping ground for various configurations ... and I hate to think how much stuff would break if you made things like /etc/passwd to be mode 700 - part of the reasoning behind having a separate file for shadow passwords is so that /etc/passwd is always world readable.

Having said that, there's no reason why you shouldn't make some of the stuff in /etc/passwd to be root only readable, but it's worth being careful!

Cheers,
John
_______________________________________________
cobalt-security mailing list
[EMAIL PROTECTED]
http://list.cobalt.com/mailman/listinfo/cobalt-security
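The permission split discussed in this thread (/etc and /etc/passwd usable by everyone, /etc/shadow and root's home closed to regular users) can be checked mechanically. The following is an added example, not part of the original message: the `POLICY` table, the function names and the constructed sample tree are assumptions, as is treating a directory as usable only when "other" has both read and execute.

```python
import os
import stat
import tempfile

# Expectations taken from the thread; paths are relative to the audit root.
# True = must be usable by regular users, False = must not be (assumed policy).
POLICY = {"etc": True, "etc/passwd": True, "etc/shadow": False, "root": False}

def audit(root="/"):
    """Return [(path, octal_mode, problem)] for every policy violation."""
    findings = []
    for rel, world_ok in POLICY.items():
        try:
            st = os.stat(os.path.join(root, rel))
        except FileNotFoundError:
            continue  # e.g. a system without shadow passwords
        mode = stat.S_IMODE(st.st_mode)
        # Directories need o+r and o+x to be usable; files only o+r.
        need = stat.S_IROTH | (stat.S_IXOTH if stat.S_ISDIR(st.st_mode) else 0)
        other = mode & stat.S_IRWXO
        if mode & stat.S_IWOTH:
            problem = "world-writable"
        elif world_ok and (other & need) != need:
            problem = "too restrictive for regular users"
        elif not world_ok and other:
            problem = "accessible to regular users"
        else:
            continue
        findings.append((rel, oct(mode), problem))
    return findings

def build_sample_tree(modes):
    """Create a constructed tree under a temp dir with the given modes."""
    root = tempfile.mkdtemp()
    os.makedirs(os.path.join(root, "etc"))
    os.mkdir(os.path.join(root, "root"))
    for name in ("etc/passwd", "etc/shadow"):
        open(os.path.join(root, name), "w").close()
    # Files first, then directories, so a strict dir mode cannot block chmod.
    for rel in sorted(modes, key=lambda r: r.count("/"), reverse=True):
        os.chmod(os.path.join(root, rel), modes[rel])
    return root

if __name__ == "__main__":
    sample = build_sample_tree({"etc": 0o700, "etc/passwd": 0o644,
                                "etc/shadow": 0o644, "root": 0o700})
    for finding in audit(sample):
        print(finding)
```

Calling `audit()` with no argument checks the live filesystem; the check reads mode bits only and does not consider ACLs or group membership.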
