Subject: Re: permissions & rc.conf
To: Jan Danielsson <>
From: Steven M. Bellovin <>
List: netbsd-users
Date: 08/23/2005 13:31:17
In message <>, Jan Danielsson writes:

>   On a more security related note: Why is it that most files in /etc
>are readable by everyone by default? Files like rc.conf are only of
>interrest to init/root, right? If so, why aren't they more restricted by

Why shouldn't they be readable by default?  What is the threat you're 
trying to defend against?

Make something read-protected if there's a problem, either because the 
data is inherently secret (i.e., keying material) or because you're 
trying to conceal something about local security policy that isn't 
readily discernible by other means.  Very little, if anything, in 
rc.conf fits that description.

		--Steven M. Bellovin,