> It is still required for .. to work. > > For example, if the /usr directory on / is 700 but the directory on the > mounted filesystem is 755, everyone can use pathnames under /usr but only > root can use /usr/.. which is confusing and undesirable. > > > I always make mount-points 0111 these days > > I'd recommend to keep doing that :) Wow! Good catch! I missed that! And I note that ".." doesn't even appear on an ls -a That tells you too, Chris Rees :-) Ok, I'll stick with 0111 - also, the reason I use 0111 instead of just the default 755 (or whatever) is that it's an alert to me if some mount isn't mounted for whatever reason. To me, 0111 means mount-point only, period. Cheers, Jamie _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"