I would like to put network share mounts in /etc/fstab, but by default that file is world-readable which allows everyone to read the credentials I put into the mount options.
Is it safe to make /etc/fstab not readable by anyone other than root, e.g. owned by root:root with permissions 0640?
FWIW, I am using Debian Squeeze/Wheezy and Ubuntu LTS.
Best Answer
What share do you want to mount? Some allow to put credentials into external files only readable by root. This is the preferred way to handle this.
An example: CIFS/SMB knows the option
credentials=filename
wherefilename
is a file with the following content:See
man mount.cifs
for more information.