Re: Lesson learned / file permissions

To: debian-user@lists.debian.org
Subject: Re: Lesson learned / file permissions
From: Andreas Janssen <andreas.janssen@bigfoot.com>
Date: Wed, 20 Oct 2004 13:27:19 +0200
Message-id: <[🔎] cl5i01$bmk$1@sea.gmane.org>
References: <[🔎] 200410201245.59295.pt00oer@student.bth.se>

Hello

Olle Eriksson (<pt00oer@student.bth.se>) wrote:

> In one of my moments last night I thought, why should any of the files
> in my home directory need to be world-accessible? I didn't think long
> about it before I decided to remove all read, write and execute rights
> for world. Before I did that, however (and thank god for that), I
> saved all the existing permissions to a file:
> 
> $ find /home/username/ -xdev -printf "%m %p\n" > permissions.txt
> 
> Then:
> 
> $ sudo chmod o-rwx /home/username/*
> $ sudo chmod o-rwx /home/username/.*

All files in your /home should be yours, so it should be sufficient to
run chmod as a user. BTW, you are lucky you didn't run the second chmod
with the -R option, like I did a while ago. .* also includes ..

> After that, all hell broke lose. I couldn't start any new KDE
> application, existing applications complained about insufficient
> rights, no temporary or session files could be written etc. I couldn't
> even access my home directory after I restarted. Luckily I was able to
> restore all previous file permissions with the saved file and got back
> into my user account this morning. So, lesson learned. Don't mess with
> things you don't need to mess with, make backups, and be less
> paranoid. :)
> 
> I think it was the fact that /home lost all world-permissions that
> caused all the problems. Would you agree?

No. My home folder and everything inside is set to go-rwx.

> Secondly, by calling chmod with sudo, all the files owned by root that
> I as a user needed to see were now invisible. But they don't seem to
> be so many so I am wondering if that had any influence.

Aha. So there are files in your home folder, that you need, and that are
owned by root? Why? I guess the problem is that they belonged to root.
With the restrictive permissions, you could not access them. The change
I would make is not to make them world-readable. Instead use chown to
change the owner from root to olle.

best regards
 Andreas Janssen

-- 
Andreas Janssen <andreas.janssen@bigfoot.com>
PGP-Key-ID: 0xDC801674 ICQ #17079270
Registered Linux User #267976
http://www.andreas-janssen.de/debian-tipps.html

Reply to:

Follow-Ups:
- Re: Lesson learned / file permissions
  - From: Olle Eriksson <pt00oer@student.bth.se>

References:
- Lesson learned / file permissions
  - From: Olle Eriksson <pt00oer@student.bth.se>

Prev by Date: Re: Running PHP4 and PHP5 Simultaneousl on Apache in Debian!
Next by Date: problem to import images inkscape
Previous by thread: Re: Lesson learned / file permissions
Next by thread: Re: Lesson learned / file permissions
Index(es):
- Date
- Thread