file-permission to others?

[netcomander]

hi all,
is it a good idea, to remove permissions for other
in the most files? For example xinetd.d, I wonder
why anybody is able to read those files stored in there.
And what about configuration-files like httpd.conf,
smb.conf, named.conf, my.cnf, console.perms...

And I wonder, why anybody can read all this files per
default?

would be nice to get a hint, about that

greetings markus

 

[danielhozac]

That's because most applications runs as another user than root which is the default owner of configuration files. //Daniel

 

[netcomander]

thanks Daniel
I actually run a webserver. Accordingly I have only a
couple of users, who have to gain access to these files.
Wouldn't it be sufficient to add those users to the
permitted group?

I'm aware, that some files have to be accessed by
system-users. Can't I restrict access to those.
I want to prevent any other user to easily get
configuration - informations.

thanks in advance
greetings markus

 

[danielhozac]

Sure you can limit the access to the files, you just have to figure out who that daemon is running as and then [tt]chown[/tt] the configuration file to that user (and group, if you really need it). //Daniel