On Wed, 2022-11-02 at 15:23:08 +0000, Benjamin Drung wrote: > Hi everyone, > > adduser 3.123 (in Debian) changed the default mode for normal users > (DIR_MODE) from 0755 to 0700. The default mode for system user > (SYS_DIR_MODE) stayed untouched at 0755. See [1] and [2] for a > reasoning. > > Ubuntu on the other hand has been using mode 0750 for normal and system > users for a long time. > > I like to have the same default permissions on Debian and Ubuntu for > consistency reasons. Can we adopt the default permission from Debian or > should we start a discussion in Debian to change their DIR_MODE to > 0750?
I don't see much of a tangible benefit to switching to DIR_MODE=0700 by default in Ubuntu, however I would not oppose such a change - tighter permissions generally sounds like a good thing, but I wonder if there are other use-cases that this may break (and given that this is the permission for the user's primary group I don't see that is has much of a tangible difference as in general most users are not members of other users' primary groups). Regarding SYS_DIR_MODE, I am not sure I fully understand the reasoning for this remaining at 0755 - this doesn't seem to be specified in either the NEWS or README. These seem to only say that there was a desire to separate the two and have more restrictive permissions for regular users without affecting system users, but there is no mention of particular use-cases that would drive this decision. In the case of Ubuntu, I am not aware of any adverse impact of having system users default to 0750 so my preference would be to maintain this, but again I am interested to understand any good reasons why 0755 might be preferred in this case. > > [1] https://salsa.debian.org/debian/adduser/-/blob/master/debian/NEWS > [2] "Default for DIR_MODE" on > https://salsa.debian.org/debian/adduser/-/blob/master/debian/README > > -- > Benjamin Drung > Debian & Ubuntu Developer > > -- > ubuntu-devel mailing list > ubuntu-devel@lists.ubuntu.com > Modify settings or unsubscribe at: > https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel -- ubuntu-devel mailing list ubuntu-devel@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel
