DaemonForums  

Go Back   DaemonForums > OpenBSD > OpenBSD Security

OpenBSD Security Functionally paranoid!

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 2nd March 2014
Syrus Syrus is offline
New User
 
Join Date: Feb 2014
Posts: 2
Default Hi! A question about openbsd security

I'm a self confessed noob so this may be a silly question but I noticed when i tried running the command
SHUTDOWN NOW
it just logged me out. At which point the system stated it was going into security level 0 and allowed a passwordless / usernameless login!

I thopught that was strange for an OS focused on security?

When it allows the passwordless login I decided to take a look at the file .CSHRC
So i ran the head command and noticed this
UMASK 022

Which again I thought was strange because I got taught to set the umask permissions to 700 as standard!? I thought openbsd would not do this - is there a reason for it and when I log in as root is that the file I should edit for global permissions?

Reply With Quote
  #2   (View Single Post)  
Old 3rd March 2014
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 7,975
Default

The shutdown(8) command logs you out, drops into single user mode (shutting down all running processes except init(8)), then halts the system. If requested by the -p operand, it will also power down the system, if the hardware supports automatic power down, but that is dependent upon the system's BIOS and the method it uses for software power down control. Issuing:

# shutdown now

Will drop from multiuser to single user mode. It will not halt the system nor power down the system unless the -h or -p operands are used or the variable powerdown is set to YES in /etc/rc.shutdown.

A system which is halted can be rebooted just by pressing any key on the keyboard.

Last edited by jggimi; 3rd March 2014 at 01:18 AM. Reason: typo, clarity, and then stupidity on my part for not remembering "shutdown now" is equivalent to "kill 1"
Reply With Quote
  #3   (View Single Post)  
Old 3rd March 2014
ibara ibara is offline
OpenBSD language porter
 
Join Date: Jan 2014
Posts: 783
Default

Quote:
Originally Posted by Syrus View Post
I got taught to set the umask permissions to 700 as standard!?
Someone taught you a really cruel joke.
umask 700 does not do what you think it does.
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
OpenBSD pf NAT question imnoboist OpenBSD Security 7 6th August 2012 07:35 PM
OpenBSD Packages question shep OpenBSD Packages and Ports 4 9th March 2011 03:27 AM
Question about installing OpenBSD as Firewall afcelie OpenBSD Installation and Upgrading 12 3rd January 2011 09:18 PM
OpenBSD release to -current: Xenocara question IronForge OpenBSD Installation and Upgrading 4 1st September 2009 05:44 PM
Enlightenment e17 on OpenBSD (Question about current ports) uptonm OpenBSD Packages and Ports 2 17th June 2009 09:12 PM


All times are GMT. The time now is 07:22 AM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick