File Permissions

Discussion in 'Installation/Configuration' started by demonize, Jun 26, 2008.

  1. demonize

    demonize New Member

    I would like to know whether setting permissions like the ones below is a good idea on Linux distributions, mainly on servers:


    -- File Permissions --

    Obscurity:
    # Set the immutable attribute (see man chattr) on a fixed set of /etc files.
    # An immutable file cannot be modified, deleted, renamed or hard-linked until
    # the attribute is cleared again.
    #
    # This is tamper resistance rather than obscurity, and it has limits: root
    # (CAP_LINUX_IMMUTABLE) can clear the attribute with `chattr -i`, and any
    # legitimate edit or package upgrade that touches these files will fail until
    # it is cleared.
    #
    # NOTE(review): inetd.conf, lilo.conf, login.defs, securetty and suauth also
    # get `chmod 600` further down the post. chmod fails on an immutable file, so
    # the final mode has to be in place before the attribute is applied.
    chattr +i \
      /etc/exports \
      /etc/hosts.equiv \
      /etc/hosts.lpd \
      /etc/inetd.conf \
      /etc/lilo.conf \
      /etc/login.access \
      /etc/login.defs \
      /etc/porttime \
      /etc/protocols \
      /etc/securetty \
      /etc/services \
      /etc/suauth

    man chattr

    Remove unneeded files:
    # /etc/csh.login is the system-wide login script read by csh/tcsh login
    # shells (see man tcsh).
    # NOTE(review): the post does not say which risk this removes; confirm that no
    # account uses csh/tcsh as its login shell before deleting the file.
    rm /etc/csh.login

    man tcsh

    chmod a long list of files:
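    # Tighten modes on configuration files and system binaries, grouped by the
    # mode being applied. Paths and modes are the ones from the original list.
    #
    # A package upgrade that reinstalls any of these files will normally restore
    # the packaged mode, so the result needs re-checking after updates.

    # --- 600: configuration readable and writable by the owner only ------------
    # NOTE(review): hosts.allow and hosts.deny are read by each tcp-wrapped daemon
    # under its own uid. If one of them runs as non-root, 600 makes the files
    # unreadable to it and the access check may not be applied at all -- confirm
    # before going below 644 on these two.
    chmod 600 \
      /etc/ftpusers \
      /etc/hosts.allow \
      /etc/hosts.deny \
      /etc/inittab \
      /etc/syslog.conf

    # These five are also in the `chattr +i` list earlier in the post. chmod on an
    # immutable file fails with "Operation not permitted", so the attribute is
    # lifted, the mode is set, and the attribute is put back.
    for f in \
      /etc/inetd.conf \
      /etc/lilo.conf \
      /etc/login.defs \
      /etc/securetty \
      /etc/suauth
    do
      chattr -i "$f"
      chmod 600 "$f"
      chattr +i "$f"
    done

    # --- 440: read-only for owner and group; the mode sudo expects on sudoers --
    chmod 440 /etc/sudoers

    # --- 750: no access for "other" ---------------------------------------------
    # The owning group keeps r-x, so who is actually locked out depends on each
    # file's group ownership (check with `ls -l`).
    # NOTE(review): for binaries that are not setuid, the privileged operations
    # are already refused to non-root users by the kernel; 750 mainly keeps the
    # tools themselves out of reach of ordinary accounts.
    chmod 750 \
      /bin/mt-st \
      /sbin/badblocks \
      /sbin/debugfs \
      /sbin/depmod \
      /sbin/dumpe2fs \
      /sbin/explodepkg \
      /sbin/fdisk \
      /sbin/fsck \
      /sbin/fsck.ext2 \
      /sbin/fsck.minix \
      /sbin/ftl_check \
      /sbin/ftl_format \
      /sbin/halt \
      /sbin/hwclock \
      /sbin/ifconfig \
      /sbin/ifport \
      /sbin/ifuser \
      /sbin/init \
      /sbin/insmod \
      /sbin/installpkg \
      /sbin/isapnp \
      /sbin/killall5 \
      /sbin/lilo \
      /sbin/makepkg \
      /sbin/mke2fs \
      /sbin/mkfs \
      /sbin/mkfs.minix \
      /sbin/mkdosfs \
      /sbin/mkraid \
      /sbin/mkswap \
      /sbin/modinfo \
      /sbin/netconfig.color \
      /sbin/netconfig.tty \
      /sbin/pkgtool \
      /sbin/pnpdump \
      /sbin/removepkg \
      /sbin/rpc.portmap \
      /sbin/quotaon \
      /sbin/rdev \
      /sbin/runlevel \
      /sbin/setserial \
      /sbin/swapon \
      /sbin/tune2fs \
      /sbin/upgradepkg \
      /sbin/uugetty \
      /usr/bin/eject \
      /usr/bin/lpq \
      /usr/bin/lprm \
      /usr/bin/minicom \
      /usr/lib/setup/cpkgtool \
      /usr/lib/setup/hdsetup \
      /usr/sbin/atd \
      /usr/sbin/atrun \
      /usr/sbin/crond \
      /usr/sbin/ctrlaltdel \
      /usr/sbin/dhcpd \
      /usr/sbin/dhcrelay \
      /usr/sbin/edquota \
      /usr/sbin/groupadd \
      /usr/sbin/groupdel \
      /usr/sbin/groupmod \
      /usr/sbin/grpck \
      /usr/sbin/grpconv \
      /usr/sbin/grpunconv \
      /usr/sbin/hdparm \
      /usr/sbin/imapd \
      /usr/sbin/in.comsat \
      /usr/sbin/in.talkd \
      /usr/sbin/in.telnetd \
      /usr/sbin/in.timed \
      /usr/sbin/inetd \
      /usr/sbin/ipop3d \
      /usr/sbin/klogd \
      /usr/sbin/lpf \
      /usr/sbin/mouseconfig \
      /usr/sbin/named \
      /usr/sbin/newusers \
      /usr/sbin/nmbd \
      /usr/sbin/ntpdate \
      /usr/sbin/ntpq \
      /usr/sbin/ntptime \
      /usr/sbin/ntptrace \
      /usr/sbin/pppd \
      /usr/sbin/pwck \
      /usr/sbin/pwconv \
      /usr/sbin/pwunconv \
      /usr/sbin/rpc.bootparamd \
      /usr/sbin/rpc.mountd \
      /usr/sbin/rpc.nfsd \
      /usr/sbin/rpc.rusersd \
      /usr/sbin/rpc.rwalld \
      /usr/sbin/rpc.yppasswdd \
      /usr/sbin/rpc.ypxfrd \
      /usr/sbin/rpcinfo \
      /usr/sbin/showmount \
      /usr/sbin/smbd \
      /usr/sbin/syslogd \
      /usr/sbin/tcpd \
      /usr/sbin/tcpdchk \
      /usr/sbin/tcpdmatch \
      /usr/sbin/tcpdump \
      /usr/sbin/timeconfig \
      /usr/sbin/useradd \
      /usr/sbin/userdel \
      /usr/sbin/usermod \
      /usr/sbin/vipw

    # --- 4750 / 2750: setuid / setgid kept, execution limited to owner + group --
    # The leading 4 (setuid) and 2 (setgid) keep the privilege-raising bit on the
    # file; only "other" loses access. Every entry here stays on the list of
    # setuid/setgid programs that needs periodic auditing.
    chmod 4750 \
      /usr/bin/gpasswd \
      /usr/bin/lpr
    chmod 2750 /usr/sbin/lpc

    # --- 700 / 500 / 550: owner-only, or owner and group without write ----------
    chmod 700 \
      /usr/bin/nohup \
      /usr/bin/script
    chmod 500 \
      /usr/lib/news/bin/inndstart \
      /usr/lib/news/bin/startinnfeed
    chmod 550 \
      /usr/sbin/makemap \
      /usr/sbin/quotastats

    # --- 755: left world-executable ----------------------------------------------
    # NOTE(review): presumably because inetd starts these two under an
    # unprivileged account that needs the "other" execute bit -- confirm against
    # the user column in /etc/inetd.conf.
    chmod 755 \
      /usr/sbin/in.fingerd \
      /usr/sbin/in.identd

    # --- 740: group may read but not execute --------------------------------------
    # NOTE(review): 740 is the only mode in the list that grants read without
    # execute; 750 or 700 may have been intended -- confirm.
    chmod 740 /usr/sbin/lpd

    # --- 000: all permission bits stripped (rexec, rlogin, rsh, tftp daemons) ----
    # With no execute bit set, the binaries cannot be started. The durable way to
    # retire these services is to comment out their entries in /etc/inetd.conf or
    # remove the packages, since a reinstall puts the executable modes back.
    chmod 000 \
      /usr/sbin/in.rexecd \
      /usr/sbin/in.rlogind \
      /usr/sbin/in.rshd \
      /usr/sbin/in.tftpd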
     
