http://bugzilla.novell.com/show_bug.cgi?id=546130
User gfarrell@netspeed.com.au added comment
http://bugzilla.novell.com/show_bug.cgi?id=546130#c2
--- Comment #2 from Geoff Farrell 2009-10-13 03:25:46 MDT ---
Yes, I know the permissions of /root:
drwx------ 18 root root 4096 Oct 13 20:08 /root
Which is precisely my point. If that's the intended permissions for that
directory, why accept anything less for its contents?
Are you saying that security is a single-layer proposition, and the permissions
of /root will protect its contents, and that multi-layer security isn't
necessary or even desirable? For every indiscretion of permissions noted in
this bug, it's another chink in the armour.
In particular, what about having directories and files group-owned by 'users'
in /root? What purpose is that supposed to achieve? That's just sloppy. Why not
just apply a simple:
# chown -R root:root /root
# chmod -R g-rwx,o-rwx /root
to fix the situation once the installation is done? It surely can't hurt.
That's what I'll be doing if this is left at Invalid.
--
Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.