[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bug#398793: [Adduser-devel] Bug#398793: adduser: Non system wide readable (home) directories should not be 751

This one time, at band camp, Olaf van der Spek said:
> Yes, do you think 750 or 751 should be used?
> Consider the case where a user wants an easy way to ensure that none of 
> the files in his home directory are world-readable.

I feel like this conversation is starting to take on the usual Debian
mailing list characteristic of grinding around and around without
producing any content.  I am going to try to cut to the chase, and we'll
see if it works.

Olaf, the point of 0751 is that it allows for things like finger and
~/public_html and so forth.  Changing it to 0750 breaks those options,
but that may not be a big deal for your arrangement.  It is sort of a
big deal in most default multi user systems, so it shouldn't necessarily
be taken lightly.

As others have pointed out, umask is probably the correct way to make
sure that your files are not world readable.  This could trivially be
added to /etc/profile or something.

What benefits do you feel the change to 0750 brings, and is it worth the
loss to the default case?  Why?

|   ,''`.                                            Stephen Gran |
|  : :' :                                        sgran@debian.org |
|  `. `'                        Debian user, admin, and developer |
|    `-                                     http://www.debian.org |

Attachment: signature.asc
Description: Digital signature

Reply to: