[ubuntu-hardened] home folder permissions

Nafallo Bjälevik nafallo at magicalforest.se
Sat Nov 24 23:20:26 GMT 2007

 Hi Christer,

On Sat, 2007-11-24 at 15:32 -0700, Christer Edwards wrote:
> I just noticed something and I'm not sure when this change occured.  I
> was hoping someone on this list either might know, or might be able to
> help make a fuss about it.
> I did a long listing on the contents of /home on my ubuntu 6.06.1
> "dapper" server.  I get the following
> christer at media:/home$ ls -hal
> drwx------ 18 christer christer 4.0K 2007-11-08 17:14 christer
> only readable and accessible by myself.  this is what I want.
> I did the same on my 7.10 "gutsy" machine and I get something quite
> different, and I'm not terrible excited about the change:
> christer at macbook:/home$ ls -hal
> drwxr-xr-x 48 christer christer 4.0K 2007-11-24 15:17 christer
> Notice that the user home folders on ubuntu 7.10 are accessible and
> readable by the world.  Can anyone else verify this behaviour?  Can
> anyone pinpoint when it happened?  I suppose I could dig out a 7.04 CD
> and see if it has the same behaviour there..
> If there are core ubuntu security guys on this list perhaps you can
> shed some light on this?  In the meantime, would a manually revoking
> those privileges cause any issues that I don't see off the top of my
> head?

You must have changed that yourself. 022 is the default umask on all yet
released Ubuntu versions.

Cheers, /N
Nafallo Bjälevik <nafallo at magicalforest.se>

More information about the ubuntu-hardened mailing list