PaulDotCom mailing list archives

Worst setting(s) in /etc

From: nberthaume at gmail.com (Nicholas B.)
Date: Wed, 3 Jun 2009 15:02:05 -0400

A little ninja suggested that I post this to the list as well
(originally in the pdc forums):

Over the years I've seen a number of really bad configuration settings
that can lead to compromise or unwanted information disclosure on *nix
systems.  Amongst these a common issue is configuration of NFS for
easy of doing everything.  The setting I'm talking about is found in
the /etc/exports file and may appear something like:

/home      192.168.0.*(rw,no_root_squash,insecure)

This leads to giving full write access as root the everything in the
/home directory to every IP address in the 192.168.0.0/24 subnet able
to connect to the system via NFS.

I'd like to know what poor configuration settings have others run
across on *nix systems that are done for convenience and/or lack of
knowledge concerning the settings found in these files.

Current thread:

Worst setting(s) in /etc Nicholas B. (Jun 03)
- <Possible follow-ups>
- Worst setting(s) in /etc d4ncingd4n at gmail.com (Jun 03)
- Worst setting(s) in /etc David A. Gershman (Jun 03)