Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations Chris Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Permissions for rc.X
- Thread starter Mag0007
- Start date
The most secure it the least permission you can get away with while still allowing the scripts to start/stop.
Normally default (install) permissions (r-xr-xr--) (owner=root) (grp=system) are fine unless you have a special need. make sure /etc/inittab permissions are rw-------
You could change the rc files to have r-x--x---
Are you asking this question for a specific reason or are you just interested?
Mike
"A foolproof method for sculpting an elephant: first, get a huge block of marble, then you chip away everything that doesn't look like an elephant."
Normally default (install) permissions (r-xr-xr--) (owner=root) (grp=system) are fine unless you have a special need. make sure /etc/inittab permissions are rw-------
You could change the rc files to have r-x--x---
Are you asking this question for a specific reason or are you just interested?
Mike
"A foolproof method for sculpting an elephant: first, get a huge block of marble, then you chip away everything that doesn't look like an elephant."
RodKnowlton
MIS
- Apr 26, 2000
- 1,005
Since they're scripts, r-x--x--- may as well be r-x------.
If you can't read a script, you can't run it, no matter the execute bit.
If you're paranoid about users reading them, I'd go with r-xr-x---. Otherwise, going with the default r-xr-xr-- is plenty secure, and there may be other processes that expect it.
Rod Knowlton
IBM Certified Advanced Technical Expert pSeries and AIX 5L
CompTIA Linux+
CompTIA Security+
If you can't read a script, you can't run it, no matter the execute bit.
If you're paranoid about users reading them, I'd go with r-xr-x---. Otherwise, going with the default r-xr-xr-- is plenty secure, and there may be other processes that expect it.
Rod Knowlton
IBM Certified Advanced Technical Expert pSeries and AIX 5L
CompTIA Linux+
CompTIA Security+
- Status