> user home directories (IMHO) should have the permissions 700. > > After I install new debian boxes the permissions are always something > like 755. This is bad in my opinion, for a multiuser box. On firewalls, > however, there should be very few people logging in at all and then only > to administer the box, not to read mail or anything like that. Therefore > this isn't much of an issue for firewall installs. > > Does anyone know why debian has such lax perms on home dirs?
This seems to be determined in the adduser command, where I found the line: 482: my $default_dir_mode = 0755; There doesn't seem to be any way to configure this other than editing the code. While I'm interested in the problem, I have to say I would rather see this configurable in /etc/adduser.conf or from the command line rather than hard coded at 0700 or any other value. Cheers! Matthew ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ matthew whitworth [EMAIL PROTECTED] On Wed, 25 Oct 2000, Nate Campi wrote: > On Wed, 25 Oct 2000, Marcin Owsiany wrote: > > > Debian already has right permissions for files containing sensitive data > > (e.g. /etc/shadow). > > > > I agree with your statement, Marcin, except for one thing: > user home directories (IMHO) should have the permissions 700. > > After I install new debian boxes the permissions are always something > like 755. This is bad in my opinion, for a multiuser box. On firewalls, > however, there should be very few people logging in at all and then only > to administer the box, not to read mail or anything like that. Therefore > this isn't much of an issue for firewall installs. > > Does anyone know why debian has such lax perms on home dirs? > > Nate > > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > >
