As Mark put it, if everything is owned by bin you would need to be root to do anything. Where is the benefit in this ?, you mentioned stupid junior admins , well in that case have a better hiring process , no need to obfuscate the current setup. On 06/22/2012 09:36 AM, Mark Felder wrote: > On Fri, 22 Jun 2012 10:59:28 -0500, Jason Hellenthal > <jhellenthal@dataix.net> wrote: > >> >> Security principles are well laid out and have not changed in a long >> time. Vering away from those principles will cause a LOT of >> administrative overhead as most software out there can expect a sane >> environment if / is root:wheel > > Well he claims that bin owned everything back in the day and I didn't > touch a *nix system until long after the time he describes. I can't > imagine the benefit or functionality of a system with bin owning > everything.... if everything precious is owned by bin, and bin isn't a > standard system user, someone would have to elevate to root to do > anything nasty. In the current setup you'd have to elevate to root to > do something nasty. > > I see no benefit in binaries or libraries being owned by bin. > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to > "freebsd-security-unsubscribe@freebsd.org" _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"