From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id D45EE139083 for ; Mon, 11 Dec 2017 01:10:55 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 1E390E0F6B; Mon, 11 Dec 2017 01:10:49 +0000 (UTC) Received: from very.loosely.org (very.loosely.org [173.255.215.69]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id A5CE5E0F00 for ; Mon, 11 Dec 2017 01:10:48 +0000 (UTC) Received: from [10.8.78.6] (port=57640 helo=matica.foolinux.mooo.com) by ahiker.mooo.com with esmtp (Exim 4.89) (envelope-from ) id 1eOCcJ-0004k1-Ig for gentoo-user@lists.gentoo.org; Sun, 10 Dec 2017 17:10:47 -0800 Received: from itz by matica.foolinux.mooo.com with local (Exim 4.89) (envelope-from ) id 1eOCcB-0003pO-QM for gentoo-user@lists.gentoo.org; Sun, 10 Dec 2017 17:10:39 -0800 Date: Sun, 10 Dec 2017 17:10:39 -0800 From: Ian Zimmerman To: gentoo-user@lists.gentoo.org Subject: [gentoo-user] Why are these files restricted? Message-ID: <20171211011039.ezxodvs2lerl6jpf@matica.foolinux.mooo.com> Mail-Followup-To: gentoo-user@lists.gentoo.org Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline X-Loosely-Listed: yes User-Agent: NeoMutt/20170707-dirty (1.8.3) X-Archives-Salt: 20705259-c3e5-4c63-a252-047fd95b02be X-Archives-Hash: a784ebfd9661f7c347d8b66007eb8d33 $ for f in /etc/at/at.deny /etc/cron.hourly/0anacron /etc/default/useradd ; do ls -l $f ; qfile $f ; done -rw-r----- 1 root at 166 Dec 10 16:57 /etc/at/at.deny sys-process/at (/etc/at/at.deny) -rwxr-x--- 1 root root 392 Nov 4 21:04 /etc/cron.hourly/0anacron sys-process/cronie (/etc/cron.hourly/0anacron) -rw------- 1 root root 96 Aug 14 10:57 /etc/default/useradd sys-apps/shadow (/etc/default/useradd) None of these seem sensitive to me, and restricting them like this looks like a case of SBO. On a debian system at.deny has similarly restricted perms; I can't check 0anacron because my debian system has no such package installed; and default/useradd has normal 644 mode. -- Please don't Cc: me privately on mailing lists and Usenet, if you also post the followup to the list or newsgroup. To reply privately _only_ on Usenet, fetch the TXT record for the domain.