Hi, Doug Moss wrote on Mon, May 04, 2020 at 03:01:43PM +0000:
> For OpenBSD 6.6, amd64 > in the daily script to check security: > /usr/libexec/security > > at line 248 for checking if the umask is set: > my @list = qw(/etc/profile /root/.profile); > > shouldn't that be instead: > my @list = qw(/.profile /root/.profile); > > I think /etc/profile does not exist, and /.profile is the default one. So, i consider it settled that /etc/profile must remain in the list. I'm currently working on and testing a diff to additionally check the file /.profile. That diff will *not* be a one-liner, so it isn't ready yet. We can decide later whether and at which time we want that committed, when that diff is ready. But it seems already clear to me that /.profile should be watched by changelist(5) because IIUC that file potentially gets executed in the following situations: - single user mode - user logging in who doesn't have a home directory - user logging in with home on NFS while NFS is down Such situations may not be quite as frequent as normal logins, but i still consider watching a file that gets executed in such situations, including as root, potentially relevant, and the following diff seems low-risk to me. OK to commit it now? Ingo Index: changelist =================================================================== RCS file: /cvs/src/etc/changelist,v retrieving revision 1.125 diff -u -r1.125 changelist --- changelist 12 Aug 2019 13:28:15 -0000 1.125 +++ changelist 5 May 2020 09:48:58 -0000 @@ -165,3 +165,5 @@ /var/unbound/etc/unbound.conf /var/yp/Makefile.main /var/yp/Makefile.yp +/.cshrc +/.profile
