On Thu, Feb 17, 2011 at 04:07:12PM +0100, Olaf van der Spek wrote:
> On Thu, Feb 17, 2011 at 3:58 PM, Roger Leigh <firstname.lastname@example.org> wrote:
> > In general, I think it's fair to say that the average Debian
> > installation does not require Fort Knox levels of security. Simply
> > allowing other people to read our files is often something desirable;
>
> Does other refer to other users, all other accounts or the entire world?

It refers to S_IRWXO, which is what this bug is about. What that means
in practice is up to you.

> > if I have something especially secret, I'll take steps to make sure
> > it's not readable or writeable by anyone except me. But in general,
> > it's not a bad thing that others can see my stuff. I can always keep
> > private things in a 0700 subdirectory.
>
> You can, but you can easily forget that.
> Note that defaulting to private does not prevent you from changing the
> permissions. …
> Like backups, the need for security is often discovered after it was necessary.

Yes, but like everything there is a tradeoff. A totally secure system
is an unusable system. Having to instruct every user how to relax the
permissions to allow others to access their files, or allow their web
pages to be visible, is effectively pointless make-work if that was
what you wanted in the first place. And for most people, I would argue
that /is/ what is wanted. Remember that historically, multi-user
systems have been about sharing and collaboration, not isolation in
walled-off prisons. I know which type of system I want, and it's not
the latter.

0755 is not inherently insecure. Others can't make any changes, but
they can look. The only issue here is accidental disclosure of
information intended to be private.

I would argue that a change that /would/ make a real difference, would
be to have (as an example) emblems in Nautilus that flag files and
folders depending on if other people have read or write access. That
would visually show what is (and is not) secure either by intention or
by accident.

Regards,
Roger

-- 
  .''`.  Roger Leigh
 : :' :  Debian GNU/Linux             http://people.debian.org/~rleigh/
 `. `'   Printing on GNU/Linux?       http://gutenprint.sourceforge.net/
   `-    GPG Public Key: 0x25BFB848   Please GPG sign your mail.
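The check behind the emblem idea in the message above, as an added example that is not part of the original thread: it labels each entry under a directory by its S_IROTH/S_IWOTH bits and skips anything shielded by a directory without o+x, such as a 0700 subdirectory. The function names `other_access` and `audit_tree` are hypothetical, and the audit assumes the ancestors of `root` are themselves searchable by others.

```python
import os
import stat

def other_access(mode):
    """Return emblem-style labels for the 'other' (S_IRWXO) bits of a mode."""
    labels = []
    if mode & stat.S_IROTH:
        labels.append("read")
    if mode & stat.S_IWOTH:
        labels.append("write")
    return labels

def audit_tree(root):
    """Map each path under root that others can reach to its labels.

    A directory without o+x (e.g. 0700) hides everything below it, so its
    contents are not reported even if their own mode bits are permissive.
    """
    findings = {}
    root_mode = os.lstat(root).st_mode
    if other_access(root_mode):
        findings[root] = other_access(root_mode)
    if not root_mode & stat.S_IXOTH:
        return findings  # others cannot traverse root at all
    for dirpath, dirnames, filenames in os.walk(root):
        reachable = []
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)
            except OSError:
                continue  # entry vanished or cannot be examined
            if stat.S_ISLNK(st.st_mode):
                continue  # a symlink's own mode is not enforced
            labels = other_access(st.st_mode)
            if labels:
                findings[path] = labels
            if stat.S_ISDIR(st.st_mode) and st.st_mode & stat.S_IXOTH:
                reachable.append(name)
        dirnames[:] = reachable  # prune directories others cannot enter
    return findings

if __name__ == "__main__":
    home = os.path.expanduser("~")
    for path, labels in sorted(audit_tree(home).items()):
        print(f"{'+'.join(labels):10} {path}")
```

Files with extra hard links outside a private directory remain reachable through those other names, which this walk does not detect.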