Hello, does anybody know a good reason why the permission.paranoid sets /root to mode 711? The harden_suse script suggests setting the mode for /root to 700. (This is IMHO the right mode for /root) The Versions 6.3, 6.4 and 7.0 of SUSE Linux seem to be affected from this bug or feature (bug or feature depends on your answers :-)) Regards, Rüdiger Plüm -- Rüdiger Plüm Mannesmann TeleCommerce Department: Web Engineering, MTC-SWW Phone: +49 2102 97 21 58 Fax: +49 2102 97 12 08 Email: ruediger.pluem@it-mannesmann.de Address: Rehhecke 50, D-40885 Ratingen
Rüdiger, The only sense I can make out of the 711 permission is that root wants to have an executable script in /root/bin, which other users should be able to execute. Apart from that, I would prefer 700! Raffy
Hello,
does anybody know a good reason why the permission.paranoid sets /root to mode 711? The harden_suse script suggests setting the mode for /root to 700. (This is IMHO the right mode for /root) The Versions 6.3, 6.4 and 7.0 of SUSE Linux seem to be affected from this bug or feature (bug or feature depends on your answers :-))
Rüdiger,
The only sense I can make out of the 711 permission is that root wants to have an executable script in /root/bin, which other users should be able to execute.
Apart from that, I would prefer 700!
Raffy
Hello,
does anybody know a good reason why the permission.paranoid sets /root to mode 711? The harden_suse script suggests setting the mode for /root to 700. (This is IMHO the right mode for /root) The Versions 6.3, 6.4 and 7.0 of SUSE Linux seem to be affected from
711 works if you want to have html files available to webserver from /root
----- Original Message -----
From: Raffael Marty
bug or feature (bug or feature depends on your answers :-))
--------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
hiho Perhaps this is for the public_html dir (apache), which needs permission 711 in its parent dir. That is the only reason I could imagine. cu jan
In article <3A34FFF6.B2117425@gmx.net>,
Jan Wulfes
Perhaps this is for the public_html dir (apache), which needs permission 711 in its parent dir.
I can't really imagine, that anybody might want to have a public_html
dir in /root.
--
Rolf Krahl
participants (5)
-
"Plüm, Rüdiger, MTC-SWW" -
Jan Wulfes -
max -
Raffael Marty -
rolf.krahl@gmx.net