Score:0

nftables.conf - file permissions


After the plain installation of nftables (Ubuntu Server 22.04), the permissions of the /etc/nftables.conf file are set to 755 (-rwxr-xr-x). I cannot believe that it's necessary that anyone has read and execute rights. So:

What are the correct minimum rights for nftables?

chmod 644 /etc/nftables.conf [?]

I looked through the web and man pages, but couldn't find a trusted answer.

Pilot6
The file is owned by `root`, and it is not executable, so I don't see any problems.
Score:0

The /etc/nftables.conf has 755 permissions by default.

It is owned by the root user.

This means that only the root user can write to this file. Everyone else can only read and execute it.

It is a text configuration file, so it is not executable. It doesn't make any practical difference whether you set the permissions to 755 or 644.

But 644 looks more appropriate.

Shaun.M
Thx, but still, does everyone need read access? I could imagine that's a security risk.
Pilot6
Yes, other users need read access, like to all other `.conf` files in etc. There is nothing secret there.
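
As an added example (not from the thread or from the nftables project), this shell function checks the properties the answer above discusses: who owns the file, whether anyone besides the owner can write to it, and whether execute bits are set. It assumes GNU `stat` as shipped on Ubuntu; the function name `audit_conf_mode` is hypothetical.

```shell
#!/bin/sh
# Added example, not part of the original thread.
# Assumes GNU stat (coreutils). audit_conf_mode is a hypothetical name.
#
# audit_conf_mode FILE [EXPECTED_OWNER]
#   Prints one finding per line.
#   Returns 0 if only the expected owner can modify FILE,
#           1 if the owner is unexpected or group/others can write,
#           2 if FILE does not exist.
audit_conf_mode() {
    file=$1
    want_owner=${2:-root}
    [ -e "$file" ] || { echo "MISSING $file"; return 2; }

    mode=$(stat -c '%a' "$file")    # octal mode, e.g. 755
    owner=$(stat -c '%U' "$file")   # owner name, e.g. root
    rc=0

    if [ "$owner" != "$want_owner" ]; then
        echo "FAIL owner is $owner, expected $want_owner"
        rc=1
    fi

    # 022 = group-write (020) or other-write (002): this is the bit that
    # would let a non-owner change the firewall rules.
    if [ $(( 0$mode & 022 )) -ne 0 ]; then
        echo "FAIL mode $mode lets group or others write"
        rc=1
    fi

    # 0111 = any execute bit. It does not affect who can modify the file,
    # so it is reported as a note, not a failure.
    if [ $(( 0$mode & 0111 )) -ne 0 ]; then
        echo "NOTE mode $mode has execute bits; chmod 644 would drop them"
    fi

    [ "$rc" -eq 0 ] && echo "OK $file ($mode, $owner) is writable by its owner only"
    return "$rc"
}

# Usage on the system from the question (run as any user):
#   audit_conf_mode /etc/nftables.conf
```
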