On Mon, Sep 12, 2022 at 07:39:37AM -, Alkis Georgopoulos wrote:
> This change takes away the ability of the users to share some of their
> data WITHOUT involving the administrator.
Hello Alkis, do note that it is typical for users to own their own home
directory; if a user wishes to share,
Great! Thank you for prioritizing the user's privacy!
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to adduser in Ubuntu.
https://bugs.launchpad.net/bugs/48734
Title:
Home permissions too open
Status in adduser package in
Schools have started installing/upgrading to 22.04.1 and we're just now
seeing this.
This change takes away the ability of the users to share some of their data
WITHOUT involving the administrator.
It's not "privacy by default", it's "mandatory privacy".
Privacy by default could be done with
As noted in the discourse thread on this https://discourse.ubuntu.com/t
/private-home-directories-for-ubuntu-21-04-onwards/19533 - I think a
similar ACL approach should be able to be used to give the www-data user
or similar access to your home dir for ~/public_html or for samba as
needed.
--
Just two things that are broken with DIR_MODE=0750
(Which are still perfectly supported with the proof-of-concept
lock-down plus improved-usability script from last the post.
Independently from the additional group directories that it
introduces.)
* samba usershares
* ~/public_html
--
You
--- Avoiding the caveat of "this does not work"? ---
You may just not have thought yet of this solution that can be
implemented with little adjustment:
( Privacy by default? YES, even with improved usability! )
Here is a trial script:
Hello, I’m original bug reporter back from 2006 and I’ve been watching
the development of this bug over the years and I just wanted to say a
big thank everyone for getting this sorted!
- Dan
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is
On 18/01/2021 12:46, Launchpad Bug Tracker wrote:
> This bug was fixed in the package adduser - 3.118ubuntu5
>
> ** Changed in: adduser (Ubuntu Hirsute)
>Status: Fix Committed => Fix Released
\o/
Well done and thank you to everyone who worked to make this happen.
I wonder if there
This bug was fixed in the package adduser - 3.118ubuntu5
---
adduser (3.118ubuntu5) hirsute; urgency=medium
* Enable private home directories by default (LP: #48734)
- Set DIR_MODE=0750 in the default adduser.conf
- Change the description and default value to select private
The issue with rootless podman userns mapping is described here
(postgres db confined in host user home):
https://www.redhat.com/sysadmin/rootless-podman-makes-sense
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to adduser in
Probably, behind the original decision there were also issues of home
access, required by some unprivileged services, like apache (userdir).
Today, letting all users accessing any ~/Doc,~/Pic,~/Video look like a
huge security hole (MS Windows deny this).
But anyway, today 'user' access should
Updates for adduser and shadow were both uploaded to hirsute-proposed
yesterday as per https://lists.ubuntu.com/archives/ubuntu-devel-
discuss/2021-January/018901.html:
https://launchpad.net/ubuntu/+source/shadow/1:4.8.1-1ubuntu8
https://launchpad.net/ubuntu/+source/adduser/3.118ubuntu5
shadow
Just chiming in here to add my support for this.
I don't think there's anything more to say really. It's already been
said very clearly why this should be changed. We should always have
privacy by default.
It genuinely boggles my mind that there would be any opposition to this.
--
You received
It really surprises me (negatively) that most Ubuntu experts seem to
agree on this design decision. Isn't a well accepted fact that security
can affect usability?.
Now, about:
> We assume that the people who share the machine are either trusted, or
in a position to hack the machine (boot from
** Changed in: ubuntu-rtm
Status: New => Won't Fix
** Changed in: ubuntu-rtm
Status: Won't Fix => Opinion
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to adduser in Ubuntu.
https://bugs.launchpad.net/bugs/48734
It has been my experience, lately, that individuals or families sharing
a computer have a single login account, i.e. "Family", etc.. This is
probably due to the perception by such simple-needs $USER's or their
family I.T. guru, that--it is the easiest way to overcome the reasonable
and appropriate
If I invite you into my house(physical), then I don't expect you to go
through my filing cabinets or closets, when I'm not looking, without
explicitly giving you those "permissions(0755)".
"Good fences make good neighbours" and "Locks keep out only the honest"
are equally true.
Placing
Whoa...Robbie, I'm just looking out for all the new user's and admin's
that are coming in from other platforms that could reasonably be
surprised by this and not Unix/Linux veteran's who broke their teeth
with vi on Slackware, etc..
Believe it or not, with WSL-2 and other notable advancements of
> Wow! Approaching 13-years and counting on this bug. Neat.
What's your point in making this statement? A decision was made soon
after the bug has filed and that decision still stands today. What does
the age of the decision have to do with it?
> Why not just throw a simple toggle into the
In the server edition this should not be enabled.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to adduser in Ubuntu.
https://bugs.launchpad.net/bugs/48734
Title:
Home permissions too open
Status in adduser package in
** Also affects: ubuntu-rtm
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to adduser in Ubuntu.
https://bugs.launchpad.net/bugs/48734
Title:
Home permissions too open
Status in
This needs to be reconsidered. All user comments in this thread refuse
the official explanation given in comment #1
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to adduser in Ubuntu.
https://bugs.launchpad.net/bugs/48734
22 matches
Mail list logo