[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Security of Debian SuX0r?

On Sat, Sep 02, 2000 at 03:06:16AM +0200, Peter Palfrader wrote:
> > > 751 seems more reasonable IMO.
> > 
> > This sounds also reasonable for me. And because of the x-bit UserDirs,
> > etc. should work. Does anyone objects if I change this with the next
> > upload of adduser? Consider that this is only the default behaviour,
> > if you still want 755 home-directories you just have to change the
> > value in /etc/adduser.conf.
> I'ld prefer keeping 755 as a default.

As I haven't looked at the configurability of adduser, I may be barking up
the wrong tree here..  Would it be possible to allow the sysadmin to add
new users to a given group or set of groups on creation of the account?
This way you could choose to have your ~ created as you.users 751 or
you.you if you want to make the user decide explicitly to change it to
group users or whatever.  I see other uses for a users group as some web
CGI scripts have files that need to be world writable and you can only
maintain security that way if you make the files you.users 646 or 642.

Obviously, no default is going to be acceptable to everyone, that's why
it's a default that can be changed.

Joseph Carter <knghtbrd@debian.org>               GnuPG key 1024D/DCF9DAB3
Debian GNU/Linux (http://www.debian.org/)         20F6 2261 F185 7A3E 79FC
The QuakeForge Project (http://quakeforge.net/)   44F9 8FF7 D7A3 DCF9 DAB3

<kira> is a surgical war where you go give the foreign troops nose jobs?

To UNSUBSCRIBE, email to debian-devel-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to: