Re: Restrictive file permissions
From: Daniel Kahn Gillmor
Subject: Re: Restrictive file permissions
Date: Thu, 05 Dec 2013 16:28:09 -0500
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Icedove/24.0
On 12/05/2013 04:20 PM, Jonathan McCune wrote:
> On Thu, Dec 5, 2013 at 10:10 AM, Colin Watson <address@hidden> wrote:
>
>> I think we should identify the call sites that really need restricted
>> permissions, explicitly lock them down, and open things back up for
>> everything else.
>
> I agree that this policy makes more sense.
fwiw, i agree with Jonathan and Colin that the default should be
readable, and that we should only lock down specific files when we know
that there is a need.
i've argued for locking down the initramfs when it contains secret key
material in http://bugs.debian.org/536195 so i'm aware that there are
legitimate read-sensitivity concerns for some bootloader-available data.
I'm really glad that the issue is taken seriously by the GRUB team. i
just don't think files should be unreadable by default, because i prefer
the ease of collaborative maintenance (as highlighted by Colin) and the
general principle of system transparency for users where it does not
present a security risk.
--dkg
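The policy argued for in this thread (world-readable by default, with an explicit lock-down list for files such as an initramfs that may carry secret key material), as an added example that is not from the thread or from GRUB. The lock-down patterns, the directory layout and the use of GNU `stat -c '%a'` are assumptions.

```shell
#!/bin/sh
# Added example, not GRUB code: enforce "readable by default, lock down only
# what needs it" over a boot directory, and report the resulting modes.

# is_locked_down NAME: succeed if NAME is on the explicit lock-down list.
# The list is an assumption; initramfs images are the case cited in the
# thread because they can embed secret key material.
is_locked_down() {
    case $1 in
        initrd.img-*|initramfs-*) return 0 ;;
        *) return 1 ;;
    esac
}

# apply_boot_policy DIR: set 0600 on lock-down files, 0644 on everything
# else, and print "MODE NAME" for each regular file so the result can be
# audited. Assumes GNU stat (Linux).
apply_boot_policy() {
    dir=$1
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        name=$(basename "$f")
        if is_locked_down "$name"; then
            chmod 0600 "$f"
        else
            chmod 0644 "$f"
        fi
        printf '%s %s\n' "$(stat -c '%a' "$f")" "$name"
    done
}

# audit_boot_policy DIR: print the names of lock-down files that are still
# readable by group or others; no output means the directory complies.
audit_boot_policy() {
    dir=$1
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        name=$(basename "$f")
        is_locked_down "$name" || continue
        case $(stat -c '%a' "$f") in
            *00) ;;                      # owner-only: compliant
            *) printf '%s\n' "$name" ;;  # group/other bits set: report
        esac
    done
}
```

Run `apply_boot_policy /boot` as root to apply the policy, or `audit_boot_policy /boot` to check it without changing anything.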