Re: / owned by bin causes sshd to complain bad ownership
As Mark put it, if everything is owned by bin you would need to be root
to do anything. Where is the benefit in
this ?, you mentioned stupid junior admins , well in that case have a
better hiring process , no need to obfuscate the current
setup.
On 06/22/2012 09:36 AM, Mark Felder wrote:
> On Fri, 22 Jun 2012 10:59:28 -0500, Jason Hellenthal
> <jhellenthal@dataix.net> wrote:
>
>>
>> Security principles are well laid out and have not changed in a long
>> time. Vering away from those principles will cause a LOT of
>> administrative overhead as most software out there can expect a sane
>> environment if / is root:wheel
>
> Well he claims that bin owned everything back in the day and I didn't
> touch a *nix system until long after the time he describes. I can't
> imagine the benefit or functionality of a system with bin owning
> everything.... if everything precious is owned by bin, and bin isn't a
> standard system user, someone would have to elevate to root to do
> anything nasty. In the current setup you'd have to elevate to root to
> do something nasty.
>
> I see no benefit in binaries or libraries being owned by bin.
> _______________________________________________
> freebsd-security@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-security
> To unsubscribe, send any mail to
> "freebsd-security-unsubscribe@freebsd.org"
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
討論串 (同標題文章)
完整討論串 (本文為第 8 之 17 篇):