Survey: /root/ is world readable - did you know

Mon Apr 24 10:55:30 UTC 2006

On Mon, 2006-04-24 at 18:36 +1000, Adam Conrad wrote:

> > I never wondered about /root/ specifically, but I did realise that
> > (and indeed wondered why) a lot of the system files and logs are
> > world readable.
> 
> If there is anything potentially sensitive that is world readable,
> please file a bug on it, rather than making vague references on a
> mailing list.

I don't have any serious issues with that, though I do wonder why system
logs need to be world readable as only administrators would need to look
at those. But that's just me wondering, not saying that it would be a
problem. 

> > Similarly, user's home folders are world readable by default, which I
> >  frankly find even harder to understand.
> 
> Same as above, nothing in ~user/ is assumed to be particularly
> sensitive, except for the things that are already protected.  

There is my main gripe.  Frankly I'd assume EVERYTHING in there is VERY
sensitive to the user. If a folder would need to be shared then the user
can adjust permissions to make it world (or group) readable, but other
than that I'd assume nothing about data being 'not particularly
sensitive'.

> If you
> prefer to have home directories be 0751 (note that you probably want
> 0751, not 0750, so people can traverse homes to get to, say,
> ~/public_html/ and the like), you can "dpkg-reconfigure adduser" and
> answer "no" the "system wide readable home directories" question.  This
> won't affect current user's home directories (you can change those
> manually), but will affect any future home directories created by adduser.

Ah, that's very good to know, thanks!!!

> > It becomes even more hard to understand when you realize that for
> > example Firefox bookmarks and form-data history and browser-history
> > files are world readable.
> 
> Uhm, ~/.mozilla is 0700 on my machine, and always has been.  Not sure
> what you're on about with this one.  The fact that it's *contents* may
> or may not be world-readable is irrelevant, since you need to be able to
> traverse the directory to get there.

~/.mozilla is 755 for me?  This is on my laptop (Dapper), I'll check
again at home to see what it is there.

> > Same for Evolution.. WHAT?? (2) I completely cannot believe this!
> 
> Same argument for evolution, though in this case, it seems to keep
> private data in a few locations, but none seem to be world-readable here.

Also 755 here. Will check again on another Dapper install.

> > I think in Unix-derived OS's, 'security' seems to be limited to the 
> > system itself.  We've discussed this before, how the system seems 
> > bullet-proof protected, but very little stands in the way of 
> > accidentally wiping out your own valuable and irreplacable files,
> > either by yourself by mistake or through some trojan-horse type of
> > program that you run.

> Now you're off on a tangent.  

I guess that wouldn't be the first time.  :)  I do have the feeling that
in the Unix (Linux) world, there's too much focus on keeping the system
stable, but very little focus on protecting user data.  This makes sense
for large multi users systems, but for home desktop use, the system can
be re-installed in minutes, whereas user files may be completely
irreplaceable. 

Cheers,
Chanchao