[ubuntu-hardened] home folder permissions
Nafallo Bjälevik
nafallo at magicalforest.se
Sat Nov 24 23:20:26 GMT 2007
Hi Christer,
On Sat, 2007-11-24 at 15:32 -0700, Christer Edwards wrote:
> I just noticed something and I'm not sure when this change occured. I
> was hoping someone on this list either might know, or might be able to
> help make a fuss about it.
>
> I did a long listing on the contents of /home on my ubuntu 6.06.1
> "dapper" server. I get the following
>
> christer at media:/home$ ls -hal
> drwx------ 18 christer christer 4.0K 2007-11-08 17:14 christer
>
> only readable and accessible by myself. this is what I want.
>
> I did the same on my 7.10 "gutsy" machine and I get something quite
> different, and I'm not terrible excited about the change:
>
> christer at macbook:/home$ ls -hal
> drwxr-xr-x 48 christer christer 4.0K 2007-11-24 15:17 christer
>
> Notice that the user home folders on ubuntu 7.10 are accessible and
> readable by the world. Can anyone else verify this behaviour? Can
> anyone pinpoint when it happened? I suppose I could dig out a 7.04 CD
> and see if it has the same behaviour there..
>
> If there are core ubuntu security guys on this list perhaps you can
> shed some light on this? In the meantime, would a manually revoking
> those privileges cause any issues that I don't see off the top of my
> head?
You must have changed that yourself. 022 is the default umask on all yet
released Ubuntu versions.
Cheers, /N
--
Nafallo Bjälevik <nafallo at magicalforest.se>
More information about the ubuntu-hardened
mailing list