Posted by: Administrator
on April 22, 2004 09:31 AM
I have two comments about this article:
(1) World readable files are very common on Linux. It's world writable files that should be rare. It is true if you want files private, like your home directory for example it should not be world readable -- and there are certain files in<nobr> <wbr></nobr>/etc and elsewhere that should not be world readable but ths is not a blanket statement.
(2) A umask of 022 seems just wrong to me. This is no security at all pretty much. In fact it contradicts what you said a few paragraphs earlier about not wanting world readable files. If you want security use 007, 027, or 077 depending on your needs, how you setup shares, and your group structure.
These are two basic mistakes. It makes me wonder how much the author really knows about security. I think your articiles are about an important topic, but please present the topic with a little more care.
Learn about Linux
Download Linux
Get Linux help
Corrections?
Posted by: Administrator on April 22, 2004 09:31 AM(1) World readable files are very common on Linux. It's world writable files that should be rare. It is true if you want files private, like your home directory for example it should not be world readable -- and there are certain files in<nobr> <wbr></nobr>/etc and elsewhere that should not be world readable but ths is not a blanket statement.
(2) A umask of 022 seems just wrong to me. This is no security at all pretty much. In fact it contradicts what you said a few paragraphs earlier about not wanting world readable files. If you want security use 007, 027, or 077 depending on your needs, how you setup shares, and your group structure.
These are two basic mistakes. It makes me wonder how much the author really knows about security. I think your articiles are about an important topic, but please present the topic with a little more care.
Rob
#