#404 closed defect (wontfix)
Wrong mode for /root
| Reported by: | Owned by: | ||
|---|---|---|---|
| Priority: | normal | Milestone: | |
| Component: | Book | Version: | CVS |
| Severity: | critical | Keywords: | |
| Cc: |
Description
Hi,
there's written that you should set mode 0750 for /root. But you should better set mode 0700 to let nobody except root inside.
cya, Freddy
Note:
See TracTickets
for help on using tickets.
That's all a matter of perspective. /root shouldn't contain any personal files, just some stuff that the system admin uses. It could be argued that anybody in the 'root' group should have access to /root as group root is often what sysadmins are part of when they don't have the root password.
Then again, that all depends on the security policies on a system. Entire books have been written about it, LFS book isn't going to be the umpteenth book on it ;) I think the way it currently is will do just fine. As usual, if you don't like it, change it (that's what LFS is about anyways).
Changing it now will undoubtly generate comments like "why did you do that, it was a good thing do to". Leaving it will generate comments like yours. So, there'll always be comments. May as well just leave it the way it is. Makes more sense in my eyes ;)