Subject: Re: permissions & rc.conf
To: Steven M. Bellovin <smb@cs.columbia.edu>
From: Wojciech Puchar <wojtek@tensor.3miasto.net>
List: netbsd-users
Date: 08/23/2005 19:36:30
>>
>
> Why shouldn't they be readable by default?  What is the threat you're
> trying to defend against?
>
> Make something read-protected if there's a problem, either because the
> data is inherently secret (i.e., keying material) or because you're
> trying to conceal something about local security policy that isn't
> readily discernible by other means.  Very little, if anything, in
> rc.conf fits that description.

anyway i change everything that user doesn't have to read to 600.
that's other policy - if user don't have to read it, the read access 
should be disabled.