On 06/22/2012 20:34, olli hauer wrote:
On 2012-06-22 15:43, Julian H. Stacey wrote:
Hi [email protected]
On an 8.3-RELEASE running sshd, /var/log/auth.log
Jun 22 12:54:06 lapr sshd[57505]: Authentication refused:
bad ownership or modes for directory /
Until I did
chown 0:0 /
( It was previously
drwxr-xr-x 25 bin bin 1024 Jun 20 19:53 ./
)
The chown is consistent with all of 8.3 /bin also being root& not bin,
BUT
Over use of Root seems Bad.
Our ownership scheme has degraded compared to early 1980s Unix, where
most bin& lib files& dirs were owned by bin, except for
- a few SUID bins that Needed root
- occasional administrator droppings,
temporary accidental files that glared at the eyeball,
as root, cos near all else was just bin.
IMO very little in a system should be user root.
Apologies, but to guide replies :
(after threads burnt by a troll on another list)
I'd not appreciate replies just along the lines of
"It has to be to satisfy existing software".
I'd much rather receive replies along lines of
"What would be best ownership scheme, advantages&
disadvantages + should we change anything ?"
Hm, I just found an old Dennis_v5 release from 1974 and / was set to 0:3 which
is today root:sys and not to 2:2
If you look hard enough you will can find the v5root.tar.gz from 1974 on
unixarchive.cn-k dot de or some other mirrors ;)
cvsweb.cgi/src/etc/mtree/BSD.root.dist?only_with_tag=MAIN
Revision 1.29: download - view: text, markup, annotated - select for diffs
Mon Sep 14 08:34:45 1998 UTC (13 years, 9 months ago) by obrien
Branches: MAIN
Diff to: previous 1.28: preferred, colored
Changes since revision 1.28: +6 -6 lines
Change file ownership from bin.bin to root.wheel.
This is the start of it for FreeBSD, going from 2.2.X to 3.X
--
Regards,
olli
You are welcom,
Claude Buisson
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "[email protected]"
