Page MenuHomeFreeBSD
Differential D23392

More Secure Permissions for /root
ClosedPublic
Actions

Authored by gbe on Jan 28 2020, 9:26 AM.
Tags
None
Referenced Files
Unknown Object (File)
Feb 20 2024, 4:44 AM
Unknown Object (File)
Jan 11 2024, 3:04 AM
Unknown Object (File)
Jan 3 2024, 3:26 AM
Unknown Object (File)
Dec 22 2023, 11:12 PM
Unknown Object (File)
Dec 14 2023, 7:01 PM
Unknown Object (File)
Dec 2 2023, 5:57 AM
Unknown Object (File)
Nov 30 2023, 1:05 PM
Unknown Object (File)
Oct 22 2023, 5:50 AM
View All 49 Files
Subscribers
cem
ian
imp
woodsb02

Details

Reviewers
emaste
lwhsu
ian
cem
Group Reviewers
Contributor Reviews (src)
Commits
rS361791: Restrict default /root permissions
Summary

The /root directory is currently world readable,
which is quit insecure, because people tend to store sensitive data within in
/root directory.

Test Plan

make buildworld, but the only check would be a fresh installation within
a VM from a image that has these changes applied.

Diff Detail

Lint
Lint Passed
Unit
No Test Coverage
Build Status
Buildable 29091
Build 27037: arc lint + arc unit

Event Timeline

gbe created this revision.Jan 28 2020, 9:26 AM
Harbormaster completed remote builds in B28967: Diff 67391.Jan 28 2020, 9:26 AM
gbe added reviewers: emaste, lwhsu.Jan 28 2020, 9:27 AM
lwhsu added a comment.Jan 28 2020, 9:15 PM

I feel it would be better to discuss this on the mailing list. Maybe freebsd-hackers@.

My personal feeling is I'm neutral for the /root permission change. The /etc/sysctl.conf doesn't make too much sense to me because a user can still use sysctl(1) to get the value.

gbe updated this revision to Diff 67612.Feb 1 2020, 11:35 AM
  • Update /root permissions to 0750
  • Revert sysctl.conf permissions changes
Harbormaster completed remote builds in B29091: Diff 67612.Feb 1 2020, 11:36 AM
gbe retitled this revision from More Secure Permissions for /root and /etc/sysctl.conf to More Secure Permissions for /root.Feb 1 2020, 11:36 AM
gbe edited the summary of this revision. (Show Details)
ian accepted this revision.Feb 1 2020, 5:32 PM
ian added a subscriber: ian.

I believe 0750 is an ideal mode for the /root dir; it adds some security, and it seems unlikely that existing scripts or other automation people have in use will fail due to the change.

This revision is now accepted and ready to land.Feb 1 2020, 5:32 PM
cem accepted this revision.Feb 1 2020, 8:46 PM
cem added a subscriber: cem.

I don't object to /root mode 750. This seems to line up with, e.g., Fedora Linux defaults.

(The sysctl.conf change was wrong, but has been dropped.)

woodsb02 added a subscriber: woodsb02.EditedFeb 2 2020, 1:45 PM

I just spun up a few other operating systems to check their /root/ directory permissions, and found the following:

BSD:

  • DragonFlyBSD 5.6.2 = 700
  • HardenedBSD build 104 = 755
  • NetBSD 9.0 RC1 = 755
  • OpenBSD 6.6 = 700

Linux:

  • ArchLinux 2020.02.01 = 750
  • CentOS 8 = 550
  • Debian 10 = 700
  • Fedora 31 = 550
  • Slackware 14.2 = 710
  • Ubuntu 19.10 = 700
emaste added a comment.Feb 2 2020, 8:36 PM

(whitespace seems inconsistent with other mode= entries)

gbe updated this revision to Diff 67683.Feb 3 2020, 6:47 AM
  • Fix whitespace identation
This revision now requires review to proceed.Feb 3 2020, 6:47 AM
Harbormaster completed remote builds in B29120: Diff 67683.Feb 3 2020, 6:47 AM
gbe added a comment.Feb 8 2020, 3:01 PM

Any update on this topic?

As pointed out on freebsd-hackers@ and the comments for the previous version of this patch, it is generally a good idea to have a sane default in place that was already adopted by many operating systems.

gbe added a comment.Mar 9 2020, 9:41 PM

PIng?

0mp added a reviewer: Contributor Reviews (src).Apr 15 2020, 2:13 PM
emaste added a comment.Apr 15 2020, 4:28 PM

This is a sensible change. There was however some mailing list discussion about this change; let me check on (and encourage a resolution on) that and come back to this.

gbe added a comment.Apr 15 2020, 7:19 PM
In D23392#537509, @emaste wrote:

This is a sensible change. There was however some mailing list discussion about this change; let me check on (and encourage a resolution on) that and come back to this.

There was a thread about in January 2020 on hackers@. The following link points to the monthly archive, https://lists.freebsd.org/pipermail/freebsd-hackers/2020-January/thread.html

gbe added a comment.Jun 4 2020, 2:36 PM

This is a very small and quiet ping!

Could this change be integrated since most of all other major deployed unix-like operating system has accomplished it with much stricter permissions?

Please see the above mentioned thread for details.

This revision was not accepted when it landed; it landed in state Needs Review.Jun 4 2020, 4:04 PM
Closed by commit rS361791: Restrict default /root permissions (authored by cem). · Explain Why
This revision was automatically updated to reflect the committed changes.
cem added a commit: rS361791: Restrict default /root permissions.
Herald added a subscriber: imp. · View Herald TranscriptJun 4 2020, 4:04 PM
cem added a comment.Jun 4 2020, 4:06 PM

Thanks, Gordon.

i.dani_outlook.com mentioned this in D42395: Fix /root permissions after 'make installworld'.Nov 13 2023, 9:16 AM

Revision Contents
Changeset List

PathSize
etc/
mtree/
2 lines

Diff 67612

View Options

etc/mtree/BSD.root.dist

Loading...