Vulnerability Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: ssh quirks...

From: vnavrat () MATH LUC EDU (Viktorie Navratilova)
Date: Tue, 28 Dec 1999 12:06:03 -0600

On Mon, 27 Dec 1999, Rodney C. Marable wrote:


typically the /home dir should be world readable  as should the / dir.


If this is true, any user on that machine would be able to do anything
that they wanted anywhere they chose.  I don't believe this is the advice
you meant to convey.


If you're going to be pedantic, at least do it correctly.

Leaving the /home and / dirs world readable is fine and common practice.

It does not mean that "any user on that machine would be able to do
anything that they wanted anywhere they chose."

It just means you can see who else has a home dir on the machine, as well
as the root of the directory structure.  That's hardly a security
compromise.
Previous By Date Next
Previous By Thread Next

Current thread: