You are not logged in.
- Topics: Active | Unanswered
Pages: 1
#1 2008-05-01 12:51:32
- _Marco_
- Member
- Registered: 2008-04-21
- Posts: 242
Stealthing root filesystem
hi
I noticed that every file in the filesystem is readable by every user ...
this allow everybody to read some password keeping file (example wpa_supplicant.conf)
is thought to allow the read access only for root... is this easy to do? and there is any counter-indication?
thanks in advance for your replies
(edit: mispelling error)
Last edited by _Marco_ (2008-05-01 12:52:25)
Offline
#2 2008-05-01 13:06:52
- Allan
- Pacman
- From: Brisbane, AU
- Registered: 2007-06-09
- Posts: 11,482
- Website
Re: Stealthing root filesystem
Well, if you "chmod 400 <file>", then it can only be read by root. Not sure if that will screw up anything to do with wpa supplicant though...
Offline
#3 2008-05-01 13:23:29
- _Marco_
- Member
- Registered: 2008-04-21
- Posts: 242
Re: Stealthing root filesystem
thanks for the reply!
that is a possible problem... 'cause the file must be read by a not-root user to connect
it's not good have passwords in clear.. (and I know that aren't the Arch developers to "blame" for this)
consider that I'd like to do that "chmod 400" for all /
bye
Offline
#4 2008-05-01 14:46:30
- tomk
- Forum Fellow
- From: Ireland
- Registered: 2004-07-21
- Posts: 9,839
Re: Stealthing root filesystem
chmod 400 makes the file read-only by the owner - if the owner happens to be root, then it's read-only by root.
My wpa_supplicant.conf is read/write by root i.e. chmod 600. This works for me, because netcfg has to be run as root anyway.
Offline
#5 2008-05-01 15:30:46
- _Marco_
- Member
- Registered: 2008-04-21
- Posts: 242
Re: Stealthing root filesystem
thanks tomk, do you know if it should work with NetworkManager too?
(never tried netcfg, I think I'm scared by the testing repo 
)
edit: I just noticed netcfg is in core ... 
Last edited by _Marco_ (2008-05-01 16:06:18)
Offline
Pages: 1