On Thu, 12 Feb 2009 15:32:57 +0100 "Giacomo A. Catenazzi" <[email protected]> wrote:
> Boyd Stephen Smith Jr. wrote:
> ...
> > I don't see how a 600 /etc can be exploited. Do you have any other records
> > that would indicate you are exploited, or is this just fear-mongering?
>
> /etc with 600 is a grave error!
> /etc/ must be accessible for the following reasons:
> - debian alternatives (and some POSIX programs require i.e. "editor" command)
> - networking: libc needs to read some files (resolver, hostname, ...), and this
>   is done in normal user context
> - passwd must be public (indirectly required by POSIX)
> - etc has configuration of daemons, which could read such configuration
>   in a different daemon context (not root). This is true especially when
>   reloading configuration
> - and a lot more reasons.
>
> Some files must be protected, not the entire /etc.

I'm sure he knows it's an error; his point is just that it's not exploitable.

Celejar
--
mailmin.sourceforge.net - remote access via secure (OpenPGP) email
ssuds.sourceforge.net - A Simple Sudoku Solver and Generator
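An added example, not part of the thread: a small audit of the distinction drawn in the quoted message, that the /etc directory and files such as passwd must stay readable by ordinary users while only some files are protected. The function names, the `SECRET` and `PUBLIC` sets (shadow and gshadow are an assumption, the thread names no protected file) and the sample trees are constructed for illustration.

```python
import os
import stat
import tempfile

SECRET = {"shadow", "gshadow"}                  # assumption: must not be world-readable
PUBLIC = {"passwd", "resolv.conf", "hostname"}  # read in normal user context

def audit(etc_dir):
    """Return [(name, problem)] for a directory laid out like /etc."""
    findings = []
    dmode = stat.S_IMODE(os.stat(etc_dir).st_mode)
    if dmode & 0o005 != 0o005:  # others need r (list) and x (traverse)
        findings.append((".", "directory mode %03o blocks non-root readers" % dmode))
    for name in sorted(os.listdir(etc_dir)):
        try:
            fmode = stat.S_IMODE(os.stat(os.path.join(etc_dir, name)).st_mode)
        except OSError:
            continue  # auditor cannot stat the entry (e.g. no x on the directory)
        if name in SECRET and fmode & 0o004:
            findings.append((name, "secret file is world-readable (%03o)" % fmode))
        if name in PUBLIC and not fmode & 0o004:
            findings.append((name, "public file is not world-readable (%03o)" % fmode))
    return findings

def build(base, label, dir_mode, files):
    """Create a constructed sample tree; file contents are placeholders."""
    path = os.path.join(base, label)
    os.mkdir(path)
    for name, mode in files.items():
        fpath = os.path.join(path, name)
        with open(fpath, "w") as fh:
            fh.write("constructed sample\n")
        os.chmod(fpath, mode)
    os.chmod(path, dir_mode)
    return path

def demo():
    """Audit a 600 directory with sane files, then a 755 directory with bad files."""
    with tempfile.TemporaryDirectory() as base:
        locked = build(base, "etc-600", 0o600, {"passwd": 0o644, "shadow": 0o640})
        mixed = build(base, "etc-755", 0o755, {"passwd": 0o600, "shadow": 0o644})
        try:
            return audit(locked), audit(mixed)
        finally:
            os.chmod(locked, 0o700)  # restore so the temp tree can be removed

if __name__ == "__main__":
    for result in demo():
        print(result)
```

Pointing `audit()` at the real `/etc` needs only read access to the directory; it changes nothing.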

