Bug 95684

Summary: /root wrong permissions
Product: Base System
Reporter: freebsd
Component: misc
Assignee: freebsd-bugs (Nobody) <bugs>
Status: Closed FIXED
Severity: Affects Only Me
Priority: Normal
Version: Unspecified
Hardware: Any
OS: Any

Description freebsd 2006-04-13 10:50:15 UTC
Dear FreeBSD Team,

With a standard installation of FBSD 5.4 Released or 6.0 Released from CD-ROM,
you have the wrong permissions on /root after the install process.
It is 0755, but it should be 0700.
I see this as a security hole.

Fix:
Change install script.

How-To-Repeat:
Install FBSD and make:

ls -l
Comment 1 Ceri Davies freebsd_committer freebsd_triage 2006-04-13 12:31:20 UTC
State Changed
From-To: open->closed

We don't see it as a security hole.  Suggest that you check the mailing 
list archives for previous discussions of this, and then raise it on 
hackers@FreeBSD.org if you still see an issue - check the archives first 
though please. 

The PR database is not a discussion forum, so this really does need to 
be discussed elsewhere.
Comment 2 jerrymc 2006-04-13 14:59:31 UTC
> 
> 
> >Number:         95684
> >Category:       misc
> >Synopsis:       /root wrong permissions
> >Confidential:   no
> >Severity:       critical
> >Priority:       medium
> >Responsible:    freebsd-bugs
> >State:          open
> >Quarter:        
> >Keywords:       
> >Date-Required:
> >Class:          sw-bug
> >Submitter-Id:   current-users
> >Arrival-Date:   Thu Apr 13 09:50:15 GMT 2006
> >Closed-Date:
> >Last-Modified:
> >Originator:     C.D.
> >Release:        5.4 RELEASE, 6.0 RELEASE
> >Organization:
> none
> >Environment:
> >Description:
> Dear FreeBSD Team,
> 
> With a standard installation of FBSD 5.4 Released or 6.0 Released from CD-ROM,
> you have the wrong permissions on /root after the install process.
> It is 0755, but it should be 0700.
> I see this as a security hole.

I was just able to look back as far as FreeBSD 3.2 - as far back as 
I have anything handy running and they all have "/" set to 755.

I don't understand why it should be 0700. 

If you did that, no person could do an ls or get to directories under
root.   The 755 setting does not allow group or world to write to root,
just get to the necessary things in it.

////jerry

> >How-To-Repeat:
> Install FBSD and make:
> 
> ls -l
> 
> >Fix:
> Change install script.
> >Release-Note:
> >Audit-Trail:
> >Unformatted:
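
Added example (not part of the original PR and not FreeBSD's own tooling): a POSIX sh helper that reads a directory's mode from ls -ld and reports what the group and other bits grant, which is the practical difference between the 0755 and 0700 settings for /root discussed in this PR. The function names are hypothetical; the default path /root is taken from the report.

```shell
#!/bin/sh
# Added example: decode what a directory's mode grants to group and other.
# The permission string is parsed from `ls -ld`, whose layout is the same on
# FreeBSD and Linux, rather than from stat(1), whose flags differ.

# Print the 10-character type+permission string, e.g. "drwxr-xr-x".
# -L follows a symlink so the directory itself is examined; cut drops any
# trailing ACL/attribute marker in column 11.
perm_string() {
    ls -ldL -- "$1" | cut -c1-10
}

# Describe one rwx triplet as it applies to a directory.
# Note: modifying entries also needs the traverse bit to be usable.
describe_triplet() {
    t=$1 out=""
    case $t in r??) out="list names" ;; esac
    case $t in ?w?) out="${out:+$out, }modify entries" ;; esac
    case $t in ??[xst]) out="${out:+$out, }traverse" ;; esac
    printf '%s\n' "${out:-no access}"
}

# Report on a directory. Exit status:
#   0  group and other have no access (0700 or stricter)
#   1  group or other have some access (e.g. 0755)
#   2  path is not a directory
audit_dir() {
    [ -d "$1" ] || { echo "$1: not a directory" >&2; return 2; }
    p=$(perm_string "$1")
    grp=$(printf '%s' "$p" | cut -c5-7)
    oth=$(printf '%s' "$p" | cut -c8-10)
    echo "$1 $p group: $(describe_triplet "$grp"); other: $(describe_triplet "$oth")"
    [ "$grp" = "---" ] && [ "$oth" = "---" ]
}

# Check the directory named on the command line, /root by default.
audit_dir "${1:-/root}" || true
```

A directory at 0755 reports "list names, traverse" for both group and other; at 0700 it reports "no access" for both and audit_dir returns 0.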