John Nilsson
john at milsson.nu
Thu Oct 20 14:40:45 CDT 2005
On Thu, 2005-10-20 at 13:51 -0400, John Richard Moser wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> As requested on bug #17424, this discussion is being brought to this list.
>
> I feel it needs to be determined whether or not the default umasks and
> /home or /root directories need to be 0700 or not. I have come up with
> several reasons why the current setting of 0755 is a problem.
Is there _any_ reason for having o+r?
/home/* should default to 07[0157]1, IMHO 0701 would be sensible. That
way if someone decides to set the default group to "users" some times in
the future no unexpected insecurities would be introduced.
(o+x for public_html to work. Is there no better way to provide this
service?)
/root should just be 0700
Regards,
John
More information about the ubuntu-devel
mailing list