Re: Why is the chmod values in /home insecure by default?
Jesper Wallin wrote: Jesper Wallin wrote: Hello.. I'm running FreeBSD 5.2.1-RELEASE-p5 and when I create new user accounts with "adduser", the home directories are world readable/executable.. Sure, it might be useful if I want to publish a website in my public_html, but yet, it should be up to the user if he want to have his homedir world-readable, but by default it should be set to "chmod 700" or "chmod 750" if each user has their own group imho. However, I saw that "adduser" had a config file (/etc/adduser.conf) but the there is no manual entry for adduser.conf and I can't find any example for it.. How can I change the default permission for new home-directories? This might help: http://archives.neohapsis.com/archives/freebsd/2000-08/0361.html Basically, you need to change the permissions f the directory /usr/share/skel and its contents. PWR. Hello.. First of all, thanks for your answer.. I tried to chmod both /etc/skel and /usr/share/skel to 700, yet it's not working.. I've checked in /usr/local/etc for any "skel" directory, but it's not there and the man page for "adduser" says it's /usr/share/skel (which doesn't work) .. When I do it (and I chmod'ed the contents of /usr/share/skel as well as the directory), I get a home directory with the permissions you mention, but all the contents are 0700. Therefore no other user can see them. But I can see this isn't quite what you asked for so I have just searched a bit. Googling gives me a patch to adduser (you'd have to adjust this to get the exact behaviour you're looking for): http://lists.freebsd.org/pipermail/freebsd-bugs/2003-December/004620.html And an elaboration of the type of workaround I originally suggested, at: http://freebsdaddicts.org/modules.php?name=Sections&op=viewarticle&artid=2 HTH. PWR. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Why is the chmod values in /home insecure by default?
> Jesper Wallin wrote: > >>Hello.. >> >>I'm running FreeBSD 5.2.1-RELEASE-p5 and when I create new user accounts with >> "adduser", >>the home directories are world readable/executable.. Sure, it might be useful if I >>want >>to publish a website in my public_html, but yet, it should be up to the user if he >>want >>to have his homedir world-readable, but by default it should be set to "chmod 700" or >>"chmod 750" if each user has their own group imho. However, I saw that "adduser" had >>a >>config file (/etc/adduser.conf) but the there is no manual entry for adduser.conf >>and I >>can't find any example for it.. How can I change the default permission for new >>home-directories? >> >> > > This might help: > > http://archives.neohapsis.com/archives/freebsd/2000-08/0361.html > > Basically, you need to change the permissions f the directory > /usr/share/skel and its contents. > > PWR. > > Hello.. First of all, thanks for your answer.. I tried to chmod both /etc/skel and /usr/share/skel to 700, yet it's not working.. I've checked in /usr/local/etc for any "skel" directory, but it's not there and the man page for "adduser" says it's /usr/share/skel (which doesn't work) .. Regards, Jesper Wallin ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Why is the chmod values in /home insecure by default?
Jesper Wallin wrote: Hello.. I'm running FreeBSD 5.2.1-RELEASE-p5 and when I create new user accounts with "adduser", the home directories are world readable/executable.. Sure, it might be useful if I want to publish a website in my public_html, but yet, it should be up to the user if he want to have his homedir world-readable, but by default it should be set to "chmod 700" or "chmod 750" if each user has their own group imho. However, I saw that "adduser" had a config file (/etc/adduser.conf) but the there is no manual entry for adduser.conf and I can't find any example for it.. How can I change the default permission for new home-directories? This might help: http://archives.neohapsis.com/archives/freebsd/2000-08/0361.html Basically, you need to change the permissions f the directory /usr/share/skel and its contents. PWR. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"