The FreeBSD Diary

The FreeBSD Diary (TM)

Providing practical examples since 1998

If you buy from Amazon USA, please support us by using this link.
[ HOME | TOPICS | INDEX | WEB RESOURCES | BOOKS | CONTRIBUTE | SEARCH | FEEDBACK | FAQ | FORUMS ]
FreeBSD Support
 New Topic  |  Go to Top  |  Go to Topic  |  Search  |  Log In   Newer Topic  |  Older Topic 
 a way to protect rc and conf files
Author: ap 
Date:   03-03-00 02:36

Is there a way to protect from reading the rc files and the conf files of diferent daemons (like sendmail, apache, etc.) This is because I need to install some servers at difeent locations and I don't want people to read the configuration, so they can't copy the disk and modify this parameters to install this servers in other places.

Reply To This Message
 
 RE: a way to protect rc and conf files
Author: Dan Langille 
Date:   03-03-00 21:15

I'm guessing at what you are doing so I'm guessing with my answer.

You want to make the files so they are not writable by those that shouldn't write to them. For rc.conf, It's pretty safe to restrict writing to root only but readable by everyone else. All I can suggest is that you try experimenting with chmod. Try chmod 644 /etc/rc.conf. 6=read/write, 4=read. This means only root can write this file, but everyone can read it.

Reply To This Message
 
 RE: a way to protect rc and conf files
Author: ap 
Date:   04-03-00 18:40

Thanks but let me be more clear. I want to build servers for companies where I live and sell the computer and a lesson to operate the server. I don't want the computer genius of the company to be able to replicate the installation and start selling it to other companies, at least something to be harder to do than a dump to other HD and change the rc.conf and other .conf files. One way is no root password for them but I don't want to restrict to that level.

Reply To This Message
 
 RE: a way to protect rc and conf files
Author: Dan Langille 
Date:   05-03-00 12:02

If you give them the root password, I see no way to prevent doing anything they want to do. I suggest you post a full description to either the freebsd-question or freebsd-isp mailing lists.


Reply To This Message
 Forum List  |  Threaded View   Newer Topic  |  Older Topic 


 Forum List  |  Need a Login? Register Here 
 User Login
 User Name:
 Password:
 Remember my login:
   
 Forgot Your Password?
Enter your email address or user name below and a new password will be sent to the email address associated with your profile.
How to get the most out of the forum

phorum.org