On February 18, 2004 04:41 pm, Chris W. Parker wrote: > hi. > > i was just wondering. why are there so many world readable files > throughout the linux os? shouldn't a directory like /etc not be readable > by the world? > > the reason i ask is because i setup a cron job that backups up a > database each night. i noticed that the backup file that was being > created was 0 bytes so i did some investigation. turns out it's because > i changed the mysql root password, so i changed it in the file. > > but then i realized the file is world readable by default. of course i > changed it to 750 (maybe it should be 700?) but i don't see why so many > files are world readable. > > someone enlighten me please. > > > thanks, > chris. Hi Chris, There are a lot of files in /etc and other areas that should be accessable by regular users. The ones that matter are not readable. For example, a script may check for valid user by greping the /etc/passwd file, but the passwords are kept in /etc/shadow, which is only readable by root. In a case where you want to automate something you should try and use an account with no login shell, and then use key based if possible, or at least restrict the file to owner &/or group as required. Sounds like you have done that already. Basicly, storing passwords for scripts or programs to use is not a good idea if it can be avoided. Yes there are lots of files that are world readable that don't need to be. So you could carefully remove that access, being careful not to break anything, but again, the system files that need to be private are not world readable. -- Pete Nesbitt, rhce -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list