| Main Archive Page > Month Archives > ubuntu-hardened archives |
[ubuntu-hardened] home folder permissions
From: Christer Edwards <christer.edwards_at_nospam>Date: Sat Nov 24 2007 - 22:32:01 GMT
To: ubuntu-hardened@lists.ubuntu.com
I just noticed something and I'm not sure when this change occured. I
was hoping someone on this list either might know, or might be able to
help make a fuss about it.
I did a long listing on the contents of /home on my ubuntu 6.06.1 "dapper" server. I get the following
christer@media:/home$ ls -hal
drwx------ 18 christer christer 4.0K 2007-11-08 17:14 christer
only readable and accessible by myself. this is what I want.
I did the same on my 7.10 "gutsy" machine and I get something quite different, and I'm not terrible excited about the change:
christer@macbook:/home$ ls -hal
drwxr-xr-x 48 christer christer 4.0K 2007-11-24 15:17 christer
Notice that the user home folders on ubuntu 7.10 are accessible and readable by the world. Can anyone else verify this behaviour? Can anyone pinpoint when it happened? I suppose I could dig out a 7.04 CD and see if it has the same behaviour there..
If there are core ubuntu security guys on this list perhaps you can shed some light on this? In the meantime, would a manually revoking those privileges cause any issues that I don't see off the top of my head?
Christer -- ubuntu-hardened mailing list ubuntu-hardened@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-hardened