Hi freebsd-security@freebsd.org
On an 8.3-RELEASE running sshd, /var/log/auth.log
Jun 22 12:54:06 lapr sshd[57505]: Authentication refused:
bad ownership or modes for directory /
Until I did
chown 0:0 /
( It was previously
drwxr-xr-x 25 bin bin 1024 Jun 20 19:53 ./
)
The chown is consistent with all of 8.3 /bin also being root & not bin,
BUT
Over use of Root seems Bad.
Our ownership scheme has degraded compared to early 1980s Unix, where
most bin & lib files & dirs were owned by bin, except for
- a few SUID bins that Needed root
- occasional administrator droppings,
temporary accidental files that glared at the eyeball,
as root, cos near all else was just bin.
IMO very little in a system should be user root.
Apologies, but to guide replies :
(after threads burnt by a troll on another list)
I'd not appreciate replies just along the lines of
"It has to be to satisfy existing software".
I'd much rather receive replies along lines of
"What would be best ownership scheme, advantages &
disadvantages + should we change anything ?"
Cheers,
Julian
--
Julian Stacey, BSD Unix Linux C Sys Eng Consultants Munich http://berklix.com
Reply below not above, cumulative like a play script, & indent with "> ".
Format: Plain text. Not HTML, multipart/alternative, base64, quoted-printable.
Mail from @yahoo dumped @berklix. http://berklix.org/yahoo/
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscr...@freebsd.org"
