which unix-pc files MUST be writeable by others?
Steve Simmons
scs at lokkur.UUCP
Fri May 5 12:06:05 AEST 1989
In article <672 at cbnewsc.ATT.COM> danl at cbnewsc.ATT.COM (daniel.r.levy) writes:
>What I want to know is, WHAT WILL BREAK when I try to impose conventional ideas
>of UNIX security (please hold the wise cracks) upon a 3B1? And I'd like to
>know it before I try it and hose up the machine.
Well Dan'l, the short answer is ALMOST NOTHING. I did the appropriate find
on my system not just for directories but for *every* writable file. Most
of them I found could be cleaned up with no risk. A couple I was fairly
sure *had* to remain writable (/tmp, /usr/tmp, uucppublic) because system
functioning demanded it. One, /usr/spool/news, has to remain writable
due to other stupid reasons. There are a couple of accounting files
(utmp, wtmp, a few things in /usr/adm) that need to be writable. Getting
right down to the bottom, everything else I made protected except
/etc/drvtab
/etc/timedsply
which I just couldn't figure out.
Disclaimer: I did this over a year ago, and am telling you from
memory. But it's based on real work, not just my opinions.
--
Steve Simmons ...sharkey!lokkur!scs scs at lokkur.dexter.mi.us
"Gordon Way's astonishment at suddenly being shot dead was nothing to
his astonishment at what happened next." -- Douglas Adams
More information about the Unix-pc.general
mailing list