Re: Security of Debian SuX0r?

To: debian-devel@lists.debian.org
Subject: Re: Security of Debian SuX0r?
From: "Jonathan D. Proulx" <jon@ai.mit.edu>
Date: Fri, 1 Sep 2000 20:06:20 -0400
Message-id: <[🔎] 20000901200620.B8973@spoon.ai.mit.edu>
In-reply-to: <[🔎] 20000901174015.C1923@thinkpad.roland.eu.org>; from rb@debian.org on Fri, Sep 01, 2000 at 05:40:15PM -0500
References: <20000830145720.A28811@verso.st.jyu.fi> <[🔎] 20000901174015.C1923@thinkpad.roland.eu.org>

On Fri, Sep 01, 2000 at 05:40:15PM -0500, Roland Bauerschmidt wrote:
:On Wed, Aug 30, 2000 at 02:57:20PM +0300, Juhapekka Tolvanen wrote:
:> Kurt Seifried
:
:While we are at it. Kurt critizes that adduser creates home
:directories readable for all users by default. The woody version has
:an option in /etc/adduser.conf to change it to any value you
:want. Shall we make something like 700 default? It would break some
:things like "UserDir public_html" in Apache, etc.

Anything less than 700 breaks RSA authentication for ssh.  A point to
consider though I'll gladly concede that anyone using RSA keys ought
to know what permissions they want on their home directory and how to
change them.

-Jon


-- 
To UNSUBSCRIBE, email to debian-devel-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to:

Follow-Ups:
- Re: Security of Debian SuX0r?
  - From: Ethan Benson <erbenson@alaska.net>

References:
- Re: Security of Debian SuX0r?
  - From: Roland Bauerschmidt <rb@debian.org>

Prev by Date: Re: Security of Debian SuX0r?
Next by Date: Re: Security of Debian SuX0r?
Previous by thread: Re: Security of Debian SuX0r?
Next by thread: Re: Security of Debian SuX0r?
Index(es):
- Date
- Thread