Re: harden-debian script?

To: Marcin Owsiany <porridge@pandora.info.bielsko.pl>
Cc: debian-firewall@lists.debian.org
Subject: Re: harden-debian script?
From: Nate Campi <nate@campin.net>
Date: Wed, 25 Oct 2000 15:52:37 -0700 (PDT)
Message-id: <[🔎] Pine.LNX.4.21.0010251546180.21400-100000@jake.campin.net>
In-reply-to: <[🔎] 20001025221145.A13806@piglet.ds14.agh.edu.pl>

On Wed, 25 Oct 2000, Marcin Owsiany wrote:

> Debian already has right permissions for files containing sensitive data
> (e.g. /etc/shadow).
> 

I agree with your statement, Marcin, except for one thing:
user home directories (IMHO) should have the permissions 700.

After I install new debian boxes the permissions are always something
like 755. This is bad in my opinion, for a multiuser box. On firewalls,
however, there should be very few people logging in at all and then only
to administer the box, not to read mail or anything like that. Therefore
this isn't much of an issue for firewall installs.

Does anyone know why debian has such lax perms on home dirs?

  Nate

Reply to:

Follow-Ups:
- Re: harden-debian script?
  - From: Matthew Whitworth <matthew@okcomputer.org>

References:
- Re: harden-debian script?
  - From: Marcin Owsiany <porridge@pandora.info.bielsko.pl>

Prev by Date: Re: harden-debian script?
Next by Date: RE: harden-debian script?
Previous by thread: Re: harden-debian script?
Next by thread: Re: harden-debian script?
Index(es):
- Date
- Thread