Page MenuHomeFreeBSD

More Secure Permissions for /root
ClosedPublic

Authored by gbe on Jan 28 2020, 9:26 AM.

Details

Summary

The /root directory is currently world readable,
which is quit insecure, because people tend to store sensitive data within in
/root directory.

Test Plan

make buildworld, but the only check would be a fresh installation within
a VM from a image that has these changes applied.

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Automatic diff as part of commit; lint not applicable.
Unit
Automatic diff as part of commit; unit tests not applicable.

Event Timeline

I feel it would be better to discuss this on the mailing list. Maybe freebsd-hackers@.

My personal feeling is I'm neutral for the /root permission change. The /etc/sysctl.conf doesn't make too much sense to me because a user can still use sysctl(1) to get the value.

  • Update /root permissions to 0750
  • Revert sysctl.conf permissions changes
gbe retitled this revision from More Secure Permissions for /root and /etc/sysctl.conf to More Secure Permissions for /root.Feb 1 2020, 11:36 AM
gbe edited the summary of this revision. (Show Details)
ian added a subscriber: ian.

I believe 0750 is an ideal mode for the /root dir; it adds some security, and it seems unlikely that existing scripts or other automation people have in use will fail due to the change.

This revision is now accepted and ready to land.Feb 1 2020, 5:32 PM
cem added a subscriber: cem.

I don't object to /root mode 750. This seems to line up with, e.g., Fedora Linux defaults.

(The sysctl.conf change was wrong, but has been dropped.)

I just spun up a few other operating systems to check their /root/ directory permissions, and found the following:

BSD:

  • DragonFlyBSD 5.6.2 = 700
  • HardenedBSD build 104 = 755
  • NetBSD 9.0 RC1 = 755
  • OpenBSD 6.6 = 700

Linux:

  • ArchLinux 2020.02.01 = 750
  • CentOS 8 = 550
  • Debian 10 = 700
  • Fedora 31 = 550
  • Slackware 14.2 = 710
  • Ubuntu 19.10 = 700

(whitespace seems inconsistent with other mode= entries)

  • Fix whitespace identation
This revision now requires review to proceed.Feb 3 2020, 6:47 AM

Any update on this topic?

As pointed out on freebsd-hackers@ and the comments for the previous version of this patch, it is generally a good idea to have a sane default in place that was already adopted by many operating systems.

This is a sensible change. There was however some mailing list discussion about this change; let me check on (and encourage a resolution on) that and come back to this.

This is a sensible change. There was however some mailing list discussion about this change; let me check on (and encourage a resolution on) that and come back to this.

There was a thread about in January 2020 on hackers@. The following link points to the monthly archive, https://lists.freebsd.org/pipermail/freebsd-hackers/2020-January/thread.html

This is a very small and quiet ping!

Could this change be integrated since most of all other major deployed unix-like operating system has accomplished it with much stricter permissions?

Please see the above mentioned thread for details.

This revision was not accepted when it landed; it landed in state Needs Review.Jun 4 2020, 4:04 PM
This revision was automatically updated to reflect the committed changes.