Big Hole
Tres Seaver
tseaver at zope.com
Tue Feb 8 15:56:23 UTC 2005
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Colin Watson wrote:
| On Mon, Feb 07, 2005 at 07:33:11PM +0000, baza wrote:
|
|>I think I've found a security hole in my Hoary box.
|>
|>Without changing any of the default permissions a user on a multi-user
|>box can see the files in an other persons Home directory????
|
|
| That's a feature, not a bug. (It's awkward for users to share files
| otherwise, which is a frequent use of a multi-user box.) If you want a
| private directory inside which other users can't see, use 'chmod o-rwx'
| to make other users have no permissions on it.
FWIW, the typical homedir has *lots* of stuff in it which probably
shouldn't be exposed by default (.bash_history, for instance, as well as
other dotfiles / configuration directories).
I could perhaps see adding a 'shared' directory ('o+rx') to '/etc/skel',
and making the homedirs 'o+x' to allow access to it.
Tres.
- --
===============================================================
Tres Seaver tseaver at zope.com
Zope Corporation "Zope Dealers" http://www.zope.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFCCOEnGqWXf00rNCgRAh+pAKCdWHNfrhPyiudqbRpyJTf196unmACfYbdH
3J4Qfx8Lxjl2roxJc5CfN8A=
=xqLI
-----END PGP SIGNATURE-----
More information about the ubuntu-users
mailing list