Re: / owned by bin causes sshd to complain bad ownership


On 2012-06-22 15:43, Julian H. Stacey wrote:
> Hi freebsd-security@freebsd.org
> On an 8.3-RELEASE running sshd, /var/log/auth.log 
> 	Jun 22 12:54:06 lapr sshd[57505]: Authentication refused:
> 		bad ownership or modes for directory /
> Until I did
> 	chown 0:0 /
> ( It was previously
> 	drwxr-xr-x  25 bin   bin       1024 Jun 20 19:53 ./
> )
> The chown is consistent with all of 8.3 /bin also being root & not bin,
> 
> BUT
> 
> Over use of Root seems Bad. 
> Our ownership scheme has degraded compared to early 1980s Unix, where
> 	most bin & lib files & dirs were owned by bin, except for
> 		- a few SUID bins that Needed root
> 		- occasional administrator droppings,
> 		  temporary accidental files that glared at the eyeball,
> 		  as root, cos near all else was just bin.
> 
> IMO very little in a system should be user root.
> 
> Apologies, but to guide replies :
> 	(after threads burnt by a troll on another list)
> 	I'd not appreciate replies just along the lines of
> 		 "It has to be to satisfy existing software". 
> 	I'd much rather receive replies along lines of 
> 		"What would be best ownership scheme, advantages &
> 		 disadvantages + should we change anything ?"
> 


Hm, I just found an old Dennis_v5 release from 1974 and / was set to 0:3 which is today root:sys and not to 2:2

If you look hard enough you will can find the v5root.tar.gz from 1974 on unixarchive.cn-k dot de or some other mirrors ;)


--
Regards,
olli
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"