
Re: The story behind UPG and umask.



On Wed, 26 May 2010 14:25:58 +0200,
Michael Banck <mbanck@debian.org> wrote:

> On Wed, May 26, 2010 at 02:36:53AM +0200, C. Gatzemeier wrote:
> > On Tue, 25 May 2010 22:47:51 +0200,
> > Harald Braumann <harry@unheit.net> wrote:
> > > On Tue, May 25, 2010 at 10:09:35PM +0200, C. Gatzemeier wrote:
> > > > The path into your home directory is not restricted, just as the
> > > > path others can take to ring your bell at home is not
> > > > restricted. 
> > > 
> > > Depends on adduser settings. Both world readable and private home
> > > directories are common.
> > 
> > Thanks! Adding ...the path to your home *is by default* not
> > restricted,... seems to be more precise.
> 
> In light of UPG, we might want to revisit the default here as well,
> maybe it makes sense to have your $HOME not world-readable be the
> default?

Just making a list of consequences to consider here.

Users cannot modify the permissions of their home on their own,
but they can manage everything within their home. The UPG scheme
works directory based. So for private things, there should be a
ready to use and set up ~/priv directory by default. That is a place
where a user may keep much of his stuff, if he does not want to
change permissions of other subdirs. As world readable is a
largely used default, programs with really privacy relevant config files
should take care of their config file permissions already.

If the $HOME, however, is not world accessible, you cannot have your
~/incoming or ~/Public directory within your home. More importantly,
users cannot create new group directories on their own in their home,
and they cannot be allowed write access to a separate place
like /home/group for this.

When I'd set up an ISP/hosting system where users are not supposed to
collaborate and work on their own, I'd change the default home
permissions in adduser.conf.

There is also some discussion about the home permission on
https://wiki.ubuntu.com/MultiUserManagement

Cheers,
Christian
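
Added example, not part of the original message: a shell script illustrating the consequence listed above, that a home directory closed to others also closes ~/Public, while ~/priv stays private under a world-accessible home. It inspects mode bits only, on a constructed temp tree; the user name "alice" and the extra 0751 case (search-only home) are assumptions added here.

```shell
#!/bin/sh
# Constructed demo: models access by "other" users from mode bits alone.
# The user name "alice" and the temp tree are made up for illustration.

# Succeeds if "others" have search (x) permission on directory $1.
other_can_traverse() {
    # Character 10 of the ls -ld mode string is the other-execute slot;
    # "x" or "t" (sticky + x) means others may pass through.
    case "$(ls -ld "$1" | cut -c10)" in
        x|t) return 0 ;;
        *)   return 1 ;;
    esac
}

# Succeeds if every directory on the relative path $2 below $1 is
# searchable by others; one closed component blocks everything beneath it.
other_can_reach() {
    cur=$1
    old_ifs=$IFS; IFS=/
    set -- $2                      # split the relative path on "/"
    IFS=$old_ifs
    for part in "$@"; do
        cur=$cur/$part
        other_can_traverse "$cur" || return 1
    done
    return 0
}

# Build a sample home and report reachability for several home modes
# (the mode adduser.conf's DIR_MODE would give newly created homes).
demo() {
    base=$(mktemp -d) || return 1
    mkdir -p "$base/alice/Public" "$base/alice/priv"
    chmod 0755 "$base/alice/Public"
    chmod 0700 "$base/alice/priv"
    for mode in 0755 0751 0750 0700; do
        chmod "$mode" "$base/alice"
        for sub in Public priv; do
            if other_can_reach "$base" "alice/$sub"; then r=reachable; else r=blocked; fi
            echo "home=$mode ~/$sub: $r"
        done
    done
    rm -rf "$base"
}

demo
```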

