[ubuntu-hardened] home folder permissions

Christer Edwards christer.edwards at ubuntu.com
Sat Nov 24 22:32:01 GMT 2007

I just noticed something and I'm not sure when this change occured.  I
was hoping someone on this list either might know, or might be able to
help make a fuss about it.

I did a long listing on the contents of /home on my ubuntu 6.06.1
"dapper" server.  I get the following

christer at media:/home$ ls -hal
drwx------ 18 christer christer 4.0K 2007-11-08 17:14 christer

only readable and accessible by myself.  this is what I want.

I did the same on my 7.10 "gutsy" machine and I get something quite
different, and I'm not terrible excited about the change:

christer at macbook:/home$ ls -hal
drwxr-xr-x 48 christer christer 4.0K 2007-11-24 15:17 christer

Notice that the user home folders on ubuntu 7.10 are accessible and
readable by the world.  Can anyone else verify this behaviour?  Can
anyone pinpoint when it happened?  I suppose I could dig out a 7.04 CD
and see if it has the same behaviour there..

If there are core ubuntu security guys on this list perhaps you can
shed some light on this?  In the meantime, would a manually revoking
those privileges cause any issues that I don't see off the top of my


More information about the ubuntu-hardened mailing list