<a href="http://g.adspeed.net/ad.php?do=clk&zid=14678&wd=728&ht=90&pair=as" target="_top"><img style="border:0px;" src="http://g.adspeed.net/ad.php?do=img&zid=14678&wd=728&ht=90&pair=as" alt="i" width="728" height="90"/></a>

Nmap Security Scanner

Docs
Security Lists

Full Disclosure

More
Security Tools

Packet crafters

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

edgeos

Vulnerability Development: Re: ssh quirks...

Re: ssh quirks...

From: Viktorie Navratilova <vnavrat_at_MATH.LUC.EDU>
Date: Tue, 28 Dec 1999 12:06:03 -0600

On Mon, 27 Dec 1999, Rodney C. Marable wrote:

> > typically the /home dir should be world readable as should the / dir.
>
> If this is true, any user on that machine would be able to do anything
> that they wanted anywhere they chose. I don't believe this is the advice
> you meant to convey.

If you're going to be pedantic, at least do it correctly.

Leaving the /home and / dirs world readable is fine and common practice.

It does not mean that "any user on that machine would be able to do
anything that they wanted anywhere they chose."

It just means you can see who else has a home dir on the machine, as well
as the root of the directory structure. That's hardly a security
compromise.
Received on Dec 28 1999

This message: [ Message body ]
Next message: Mark Rafn: "Re: ssh quirks..."
Previous message: Warner Losh: "Re: BSD chfn bug"
In reply to: Rodney C. Marable: "Re: ssh quirks..."
Next in thread: Michal Zalewski: "Re: BSD chfn bug"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]

edgeos