1
0
mirror of https://git.FreeBSD.org/src.git synced 2024-11-29 08:08:37 +00:00
freebsd/etc
Conrad Meyer a35bc248fd Restrict default /root permissions
Remove world-readability from the root directory.  Sensitive information may be
stored in /root and we diverge here from normative administrative practice, as
well as installation defaults of other Unix-alikes.  The wheel group is still
permitted to read the directory.

750 is no more restrictive than defaults for the rest of the open source
Unix-alike world.  In particular, Ben Woods surveyed DragonFly, NetBSD,
OpenBSD, ArchLinux, CentOS, Debian, Fedora, Slackware, and Ubuntu.  None have a
world-readable /root by default.

Submitted by:	Gordon Bergling <gbergling AT gmail.com>
Reviewed by:	ian, myself
Discussed with:	emaste (informal approval)
Relnotes:	sure?
Differential Revision:	https://reviews.freebsd.org/D23392
2020-06-04 16:04:19 +00:00
..
gss
mail pkgbase: resolve mailer.conf conflict WITHOUT_SENDMAIL 2020-06-02 02:38:54 +00:00
mtree Restrict default /root permissions 2020-06-04 16:04:19 +00:00
root
sendmail
group
Makefile pkgbase: resolve mailer.conf conflict WITHOUT_SENDMAIL 2020-06-02 02:38:54 +00:00
Makefile.depend
master.passwd
shells