Bug 16102

Summary: root's home directory is too open
Product: Base System
Reporter: Sue Blake <sue>
Component: misc
Assignee: freebsd-bugs (Nobody) <bugs>
Status: Closed FIXED    
Severity: Affects Only Me    
Priority: Normal    
Version: 3.4-STABLE   
Hardware: Any   
OS: Any   
Attachments:
Description Flags
file.diff none

Description Sue Blake 2000-01-13 14:40:01 UTC
Anyone can roam around in root's home directory and look at rootly files.
That's not nice. This directory seems to have been grouped with a bunch
of publicly accessible directories when the permissions were assigned.

Fix: The following trivial patch is intended to restrict access to root only.
Maybe 750 could be justified.

How-To-Repeat: 
user@large$ ls -la /root
total 21
drwxr-xr-x   2 root  wheel    512 Jan 14 01:34 .
drwxr-xr-x  18 root  wheel    512 Jan 14 00:13 ..
-rw-------   1 root  wheel    111 Jan 13 19:36 .bash_history
-rw-r--r--   2 root  wheel    403 Sep 17 08:49 .cshrc
-rw-------   1 root  wheel     61 Jan 13 19:36 .history
-rw-r--r--   1 root  wheel    146 Sep 17 08:49 .klogin
-rw-r--r--   1 root  wheel    559 Sep 17 08:49 .login
-rw-r--r--   2 root  wheel    255 Sep 17 08:49 .profile
-rw-r--r--   1 root  wheel  11284 Jan 14 01:34 crackers.list
-rw-r--r--   1 root  wheel    403 Jan 14 01:34 loveletter.txt

Comment 1 dd freebsd_committer freebsd_triage 2001-06-01 03:09:45 UTC
State Changed
From-To: open->closed

This has been discussed to death before, and IIRC the conclusion was that you
shouldn't be reading love letters as root (or storing anything else sensitive 
in /root).
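
An added example, not part of the bug report or of FreeBSD: a shell audit of the condition reported above. It classifies a home directory as open to everyone (755), to the owning group (750) or to the owner only (700), and lists the files inside whose own mode lets anyone read them. The function names are hypothetical, and it assumes a find that supports -mindepth (FreeBSD and GNU find both do).

```shell
#!/bin/sh
# Added example (not from the bug report). Usage: audit_home /root
# Only mode bits are inspected, so the verdict does not depend on who runs it.

# classify_dir DIR -> prints who can enter or list DIR: world, group or owner
classify_dir() {
    [ -d "$1" ] || return 2
    if [ -n "$(find "$1" -prune \( -perm -001 -o -perm -002 -o -perm -004 \) -print)" ]; then
        echo world          # e.g. 755, the mode shown in the report
    elif [ -n "$(find "$1" -prune \( -perm -010 -o -perm -020 -o -perm -040 \) -print)" ]; then
        echo group          # e.g. 750
    else
        echo owner          # e.g. 700
    fi
}

# exposed_files DIR -> regular files under DIR with the "other" read bit set
exposed_files() {
    find "$1" -mindepth 1 -type f -perm -004 -print 2>/dev/null | sort
}

# multi_linked DIR -> other-readable files with more than one hard link (link
# count 2 in the listing, e.g. .cshrc); a second name outside DIR may keep them
# readable even after DIR itself is closed
multi_linked() {
    find "$1" -mindepth 1 -type f -perm -004 -links +1 -print 2>/dev/null | sort
}

# audit_home DIR -> prints findings; returns 1 if DIR is open to all users
audit_home() {
    case $(classify_dir "$1") in
    world)
        echo "FAIL $1: any local user can enter or list it"
        exposed_files "$1" | sed 's/^/  readable by anyone: /'
        return 1 ;;
    group)
        echo "WARN $1: members of the owning group can enter or list it" ;;
    owner)
        echo "OK   $1: owner only" ;;
    *)
        echo "ERR  $1: not a directory" >&2
        return 2 ;;
    esac
    multi_linked "$1" | sed 's/^/  also check other hard links of: /'
    return 0
}
```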