/etc/passwd (probably really /etc/pwd.db) are used for several user-land programs including 'ls'. It's highly recommended that /etc/passwd stay readable to the world.
Btw, the output of 'ps' can be easily reconstructed via access to the /proc filesystem. You can unmount this partition, but ps will operate differently. With /proc unmounted, you can still get a process listing for everyone - you can disable this by setting the sysctl kern.ps_showallprocs to 0. On Mon, 1 Oct 2001, default wrote: > Hi, > > I am allowing a couple of ppl to have a shell account on one of my machines, > and I am making a few changes to disallow them from using certain things... > like chmoding the 'ps' command to 550 etc... > > I wanted to ask, is there any reason why one wouldn't want to chmod to 640 > the passwd file and other similar files? ... > > Thanks, > > Jordan > > To Unsubscribe: send mail to [EMAIL PROTECTED] > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-security" in the body of the message _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"