On Thursday 28 July 2005 08:00 am, Jonathan Schleifer wrote:
> Moritz Grimm <[EMAIL PROTECTED]> wrote:
> > This kind of paranoia adds nothing to security (~/.ssh and others that
> > need it are already set to restrictive permissions), and there is no
> > privacy from root no matter what. The rest is, again, personal
> > preference and/or something about local policies.
>
> Ever heard of a multiuser system where one user shouldn't be able to
> access the files of another user? Not all users are thinking about this
> issue and many forget to change the modes for confidential files. IMO,
> it's not paranoid, but useful. On a single-user system, it might not
> matter, for example on your desktop. On my desktop, I don't have 700
> either. But on my server, it's very important for me to have 700.

This is fairly easy to customize since the adduser command is just a Perl 
script.  (Hint: I believe that line 1143 in 3.7 might be a good place to 
start looking.)  

Tim Donahue

PS. See http://www.openbsd.org/faq/faq4.html#site for an easier way to 
distribute this change when you are installing.
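
An added example, not part of the original thread and not taken from adduser itself: editing the adduser script only affects accounts created afterwards, so this POSIX sh function reports existing home directories that still grant group or other access, and can tighten them. The function name `audit_homes`, its `fix` argument and the `/home` default are assumptions made for the example.

```shell
#!/bin/sh
# Added example: list (and optionally tighten) home directories that grant
# any group/other permission. Names and the /home default are assumptions.

# audit_homes BASE [fix]
#   Prints "<mode> <path>" for each directory directly under BASE whose
#   permission bits are not owner-only. With "fix" as the second argument
#   it also runs chmod go-rwx on each directory it reports.
audit_homes() {
    base=${1:-/home}
    action=${2:-report}
    for d in "$base"/*; do
        # Skip non-directories and symlinks (never chmod through a link).
        [ -d "$d" ] && [ ! -L "$d" ] || continue
        # The first 10 characters of ls -ld are the type and permission
        # bits; cutting there drops any ACL/label marker that may follow.
        mode=$(ls -ld "$d" | cut -c1-10)
        case $mode in
            d???------) ;;                  # owner-only, e.g. mode 700
            *)
                printf '%s %s\n' "$mode" "$d"
                if [ "$action" = fix ]; then
                    chmod go-rwx "$d"
                fi
                ;;
        esac
    done
}
```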
