As Mark put it, if everything is owned by bin you would need to be root
to do anything. Where is the benefit in
this ?, you mentioned stupid junior admins , well in that case have a
better hiring process , no need to obfuscate the current
setup.
On 06/22/2012 09:36 AM, Mark Felder wrote:
On Fri, 22 Jun 2012 10:59:28 -0500, Jason Hellenthal
<[email protected]> wrote:
Security principles are well laid out and have not changed in a long
time. Vering away from those principles will cause a LOT of
administrative overhead as most software out there can expect a sane
environment if / is root:wheel
Well he claims that bin owned everything back in the day and I didn't
touch a *nix system until long after the time he describes. I can't
imagine the benefit or functionality of a system with bin owning
everything.... if everything precious is owned by bin, and bin isn't a
standard system user, someone would have to elevate to root to do
anything nasty. In the current setup you'd have to elevate to root to
do something nasty.
I see no benefit in binaries or libraries being owned by bin.
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to
"[email protected]"
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "[email protected]"
