Subject: Re: permissions & rc.conf
To: Steven M. Bellovin <firstname.lastname@example.org>
From: Wojciech Puchar <email@example.com>
Date: 08/23/2005 19:36:30
> Why shouldn't they be readable by default? What is the threat you're
> trying to defend against?
> Make something read-protected if there's a problem, either because the
> data is inherently secret (i.e., keying material) or because you're
> trying to conceal something about local security policy that isn't
> readily discernible by other means. Very little, if anything, in
> rc.conf fits that description.
anyway i change everything that user doesn't have to read to 600.
that's other policy - if user don't have to read it, the read access
should be disabled.