Subject: Re: /root permissions
To: BokLM <boklm@mars-attacks.org>
From: Greg A. Woods <woods@weird.com>
List: netbsd-users
Date: 02/22/2003 16:27:00
[ On Saturday, February 22, 2003 at 08:28:58 (+0100), BokLM wrote: ]
> Subject: Re: /root permissions
>
> root is not a normal user, and most of the time he doesn't share personnal
> files with others users.

Indeed root is not a normal user, however root can't have any personal
files either since root is, normally, a "shared" account.

> root sometimes needs to save secret temporary files (containing passwords
> or something else) and I thing /root might be the good place to put
> them.

If you put secret stuff somewhere then _you_ need to make sure the
directories and files _you_ put it in are protected appropriately.

If you put secret stuff in /root and you forget to check that the
permissions on /root are what you want then the problem is all yours.

Assuming /root might be a good place to put secret stuff without also
checking that it's actually going to stay secret if you put it there is
just plain wrong.  You cannot possibly ever have a valid claim against
the distribution's default permissions being wrong for your uses.

-- 
								Greg A. Woods

+1 416 218-0098;            <g.a.woods@ieee.org>;           <woods@robohack.ca>
Planix, Inc. <woods@planix.com>; VE3TCP; Secrets of the Weird <woods@weird.com>