On Mon, Sep 12, 2022 at 07:39:37AM -, Alkis Georgopoulos wrote:
> This change takes away the ability of the users to share some of their
> data WITHOUT involving the administrator.
Hello Alkis, do note that it is typical for users to own their own home
directory; if a user wishes to share,
Great! Thank you for prioritizing the user's privacy!
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/48734
Title:
Home permissions too open
To manage notifications about this bug go to:
Schools have started installing/upgrading to 22.04.1 and we're just now
seeing this.
This change takes away the ability of the users to share some of their data
WITHOUT involving the administrator.
It's not "privacy by default", it's "mandatory privacy".
Privacy by default could be done with
As noted in the discourse thread on this https://discourse.ubuntu.com/t
/private-home-directories-for-ubuntu-21-04-onwards/19533 - I think a
similar ACL approach should be able to be used to give the www-data user
or similar access to your home dir for ~/public_html or for samba as
needed.
--
Just two things that are broken with DIR_MODE=0750
(Which are still perfectly supported with the proof-of-concept
lock-down plus improved-usability script from last the post.
Independently from the additional group directories that it
introduces.)
* samba usershares
* ~/public_html
--
You
--- Avoiding the caveat of "this does not work"? ---
You may just not have thought yet of this solution that can be
implemented with little adjustment:
( Privacy by default? YES, even with improved usability! )
Here is a trial script:
Hello, I’m original bug reporter back from 2006 and I’ve been watching
the development of this bug over the years and I just wanted to say a
big thank everyone for getting this sorted!
- Dan
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to
On 18/01/2021 12:46, Launchpad Bug Tracker wrote:
> This bug was fixed in the package adduser - 3.118ubuntu5
>
> ** Changed in: adduser (Ubuntu Hirsute)
>Status: Fix Committed => Fix Released
\o/
Well done and thank you to everyone who worked to make this happen.
I wonder if there
This bug was fixed in the package adduser - 3.118ubuntu5
---
adduser (3.118ubuntu5) hirsute; urgency=medium
* Enable private home directories by default (LP: #48734)
- Set DIR_MODE=0750 in the default adduser.conf
- Change the description and default value to select private
The issue with rootless podman userns mapping is described here
(postgres db confined in host user home):
https://www.redhat.com/sysadmin/rootless-podman-makes-sense
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
Probably, behind the original decision there were also issues of home
access, required by some unprivileged services, like apache (userdir).
Today, letting all users accessing any ~/Doc,~/Pic,~/Video look like a
huge security hole (MS Windows deny this).
But anyway, today 'user' access should
Updates for adduser and shadow were both uploaded to hirsute-proposed
yesterday as per https://lists.ubuntu.com/archives/ubuntu-devel-
discuss/2021-January/018901.html:
https://launchpad.net/ubuntu/+source/shadow/1:4.8.1-1ubuntu8
https://launchpad.net/ubuntu/+source/adduser/3.118ubuntu5
shadow
Just chiming in here to add my support for this.
I don't think there's anything more to say really. It's already been
said very clearly why this should be changed. We should always have
privacy by default.
It genuinely boggles my mind that there would be any opposition to this.
--
You received
It really surprises me (negatively) that most Ubuntu experts seem to
agree on this design decision. Isn't a well accepted fact that security
can affect usability?.
Now, about:
> We assume that the people who share the machine are either trusted, or
in a position to hack the machine (boot from
** Changed in: ubuntu-rtm
Status: New => Won't Fix
** Changed in: ubuntu-rtm
Status: Won't Fix => Opinion
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/48734
Title:
Home
It has been my experience, lately, that individuals or families sharing
a computer have a single login account, i.e. "Family", etc.. This is
probably due to the perception by such simple-needs $USER's or their
family I.T. guru, that--it is the easiest way to overcome the reasonable
and appropriate
If I invite you into my house(physical), then I don't expect you to go
through my filing cabinets or closets, when I'm not looking, without
explicitly giving you those "permissions(0755)".
"Good fences make good neighbours" and "Locks keep out only the honest"
are equally true.
Placing
Whoa...Robbie, I'm just looking out for all the new user's and admin's
that are coming in from other platforms that could reasonably be
surprised by this and not Unix/Linux veteran's who broke their teeth
with vi on Slackware, etc..
Believe it or not, with WSL-2 and other notable advancements of
> Wow! Approaching 13-years and counting on this bug. Neat.
What's your point in making this statement? A decision was made soon
after the bug has filed and that decision still stands today. What does
the age of the decision have to do with it?
> Why not just throw a simple toggle into the
Wow! Approaching 13-years and counting on this bug. Neat.
Desktop Linux: The principle of least astonishment (POLA) should
_always_ be priority-one with Security. Open $HOME's are a surprise to
me and everyone I know.
Now that cloud storage has taken the desktop users of the world by
storm, is
In the server edition this should not be enabled.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/48734
Title:
Home permissions too open
To manage notifications about this bug go to:
** Also affects: ubuntu-rtm
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/48734
Title:
Home permissions too open
To manage notifications about
This needs to be reconsidered. All user comments in this thread refuse
the official explanation given in comment #1
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/48734
Title:
Home
I think the current permissions are not perfect.
On one hand, I understand that locking down the home folder (700 permissions)
would create some problems.
Samba wouldn't be able to share any folder inside ~/ to other users (especially
guest users), Apache wouldn't be able to access
** Attachment removed: unnamed
https://bugs.launchpad.net/ubuntu/+source/adduser/+bug/48734/+attachment/3456365/+files/unnamed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/48734
Title:
I just wanted to add that I was wrong with the default guest login. The
default guest login is *not* able to view others home-directories (the
other points I mentioned are unfortunately still right).
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is
I will be out of the office until 9th January, in my absense please
contact Nick Tait
On 14 Nov 2012, at 23:03, Alexander Adam 48...@bugs.launchpad.net
wrote:
Sorry but the decision still doesn't make any sense to me.
I have to change the default permissions on every installation which is
** Attachment added: unnamed
https://bugs.launchpad.net/bugs/48734/+attachment/3456365/+files/unnamed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/48734
Title:
Home permissions too open
Sorry but the decision still doesn't make any sense to me.
I have to change the default permissions on every installation which is indeed
*not* usability friendly.
Besides that the public-dir would be perfect for this (wouldn't it be possible
to symlink public to a directory outside of users
I was horrified to find my home dir open, and Googled this post.
I simply can't believe the rationale - okay, we are geeks using Linux
wearing tinfoil hats but please: you are going to sacrifice security for
the sake of ... I don't exactly know how to put it... a badly
implemented sharing
Olaf, the point of the Opinion status is to allow discussion to continue
without attracting the attention of triagers who are trying to
categorize and/or reproduce issues in the New status.
So, to that point, the status should remain at Opinion until consensus
is reached, at which point it should
Ah, I assumed Opinion meant Wontfix. It'd still be nice if someone
responded to the arguments.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is a direct subscriber.
https://bugs.launchpad.net/bugs/48734
Title:
Home permissions too open
--
ubuntu-bugs
** Changed in: adduser (Ubuntu)
Status: Opinion = New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is a direct subscriber.
https://bugs.launchpad.net/bugs/48734
Title:
Home permissions too open
--
ubuntu-bugs mailing list
There are lots of responses to the arguments in this bug log; the
disagreements are essentially ideological. Opinion seems like the ideal
bug status.
** Changed in: adduser (Ubuntu)
Status: New = Opinion
--
You received this bug notification because you are a member of Ubuntu
Bugs,
A response to #38 and #39 is still missing.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is a direct subscriber.
https://bugs.launchpad.net/bugs/48734
Title:
Home permissions too open
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
** Changed in: adduser (Ubuntu)
Status: Opinion = New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is a direct subscriber.
https://bugs.launchpad.net/bugs/48734
Title:
Home permissions too open
--
ubuntu-bugs mailing list
Somebody?
Implementing a public dir for easy sharing can IMO be easily done with
defaulting to a world readable home dir.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is a direct subscriber.
https://bugs.launchpad.net/bugs/48734
Title:
Home permissions
Sorry, that should read: without defaulting to a world readable home
dir.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is a direct subscriber.
https://bugs.launchpad.net/bugs/48734
Title:
Home permissions too open
--
ubuntu-bugs mailing list
** Changed in: adduser (Ubuntu)
Status: Invalid = New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is a direct subscriber.
https://bugs.launchpad.net/bugs/48734
Title:
Home permissions too open
--
ubuntu-bugs mailing list
** Changed in: adduser (Ubuntu)
Status: New = Opinion
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is a direct subscriber.
https://bugs.launchpad.net/bugs/48734
Title:
Home permissions too open
--
ubuntu-bugs mailing list
status: New → Opinion
That's silly, could someone at least respond to the arguments so we can
have a proper discussion?
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is a direct subscriber.
https://bugs.launchpad.net/bugs/48734
Title:
Home
@Colin, Mark: What about Principle of least privilege? Safe-by-default?
Why does user www-data (for example) have access to my files?
The defaults provide access to way more than other humans. You might at
least want to use ACLs to limit it to other humans by default.
It should be clear by now
Wow even the SABDFL chimed in, but...
Correct me if I am wrong, as I have not spent hours studying this.
My home directory is accessible to me, as I am logged in.
It is NOT accessible to anyone else logged into my PC with their password.
It is NOT accessible by anyone on a network, or online
@emarkay
Thats explained above if you read the history.
The simple answer is yes, any system user can read anything in /home/*
I did notice that what people are saying is correct... it is like this with
many other distros and OS.
But, imho, this shouldn't mean that Ubuntu does the same.
Do we
This is a shocker.
This is yet another example of Ubuntu not taking security seriously.
This is not a problem on RedHat or Fedora.
And this issue exists on the server edition as well! Reading each
other's files by default is _not_ cool. I can't believe how long I've
been running with such an
After some of the comments I did look at some other *nix OS and distros
and observed that quite a few do have open home directories too by
default. There are however quite a few that apply protection.
It is just a question of which category Ubuntu wants to be in. At this
point, it looks like the
@CalderCoalson: Long story short, cluttering home directories with invisible
files is part of the FHS standard. There is also a freedesktop standard that
dictates that configuration should be put in a subdirectory under ~/.config/.
My personal preference is for the latter.
And the .config
I also think that one public directory like Windows or maybe even MacOsX have
per default would be the best compromise. I mean this could be created in the
home directory and a link added to every new user desktop like in case of the
example folder.
With this sharing is even easier than with
Encryption also adds significant overhead to file read / writes which people
on slower computers can't really afford. As for booting from a USB drive,
there's a huge difference between a family member (if we're assuming that
usage scenario) doing a computer wide search and turning up a private
If you restrict permissions on the home directory, it isn't possible to
have a folder _inside_ that is accessible by other users. This is the
way Unix permissions work. This is why the home folder is readable by
other users by default on OS X, so the Shared folder is accessible.
--
Home
I think that's what we're agreeing Ubuntu should do as well, with two
changes to make it more Mac OS X-like. First, the default folders (with the
exception of Public) should be locked to all other users. Second, any new
folders that get created should also be locked to all other users. Mac OS X
The ~/.appnamehere folders should already have restrictive permissions
set by the applications. For example, ~/.mozilla is 700. If you use an
application that doesn't set sane permissions for private data, please
file a bug.
Any new folder you create in your home directory in OS X is
Creating a Private Directory by default would at least hint to the
user that the other directories are not, in fact, private.
--
Home permissions too open
https://bugs.launchpad.net/bugs/48734
You received this bug notification because you are a member of Ubuntu
Bugs, which is a direct
That's a start, but a Public would make so much more sense. Then when you
want to share something you do that, but you don't have to separate the
organization of your documents and other personal files by whether they're
private or not. Would it really be too hard to add a checkbox for this so
@Marc Deslauriers
I meant creating the public folder in the global home directory /home not the
user home directory.
And if a link on the desktop is against the gui guidelines just add one
under Places or in the user home directory.
--
Home permissions too open
Incredible !
This bug thread has existed almost 4 years now (with some side threads) and
there is no decision that the described behaviour of /home is absolutely not
acceptable.
For a normal user, everything which is behind my own password, is
absolutely mine and only mine.
Somebody says (in
Olli, I appreciate that you would like the matter to be handled
differently, but a decision has been taken. Every decision can be
changed, but it will only be changed if the facts or circumstances or
arguments changed. Showing up, talking loudly, but adding nothing other
than a strong statement
Mark,
a decision ?
I am sorry but I cannot see any ?
And that is why I wanted to raise the flag.
--
Home permissions too open
https://bugs.launchpad.net/bugs/48734
You received this bug notification because you are a member of Ubuntu
Bugs, which is a direct subscriber.
--
ubuntu-bugs
First, I was quite surprised to see a response from you yourself, Mark, and
appreciate your direct involvement. Second, while Olli's response was
rather incensed, it is representative of many people's reactions when they
discover this feature. I'm sure there are very good reasons this choice
I believe that the previous comments from me on this bug were quite
well-thought-out and explanatory. I certainly made an effort to give a
clear explanation of why I believe this to be the correct default rather
than just saying no, and I also noted ways in which I think this could
be improved at
The majority of users of Ubuntu systems either have exclusive use of the
machine (personal laptop) or are sharing with friends and relatives. We
assume that the people who share the machine are either trusted, or in a
position to hack the machine (boot from USB!) trivially. As a result,
there is
@Mark Shuttleworth
I don't know where to start with your flaws, but I'll at least flag a
few + relevant points.
1. A majority != all
2. The wiki confirms that this is a security bug
3. People store their mail in the home directory (this is only 1 example). You
can then own the user or get the
Without getting all worked up here, flaccid does raise one very good point.
The Mac OS X system works beautifully; that is making everything locked by
default except for a folder explicitly labeled Public containing a Drop
Box for file transfer to the user. This approach respects both
I think you guys should take a look at the permissions on your OS X home
directory, you'll be surprised :)
Our security team FAQ has instructions on changing the default behavior for
home directories:
https://wiki.ubuntu.com/SecurityTeam/Policies#Permissive%20Home%20Directory%20Access
That
Actually in my home folder in my default Karmic installation, there is a
folder named Publikt (that'd probably be public or shared in
English), tricking me into believing that everything else is not public
- if it was, why would there be a Publikt folder in my home directory?
Since it seems to be
How about locking down users folders to them selves and use Samba to
deal with the shares? User's have a graphical tool anyway to easily
configure the sharing options of Samba. Maybe this could be a valid
agreement? Though this would involve either adding Samba on the
installation Cd or
@Carroarmato0
Samba server in Ubuntu is not installed or enabled by default. This is also
networking sharing, not simple local sharing via UNIX perms. Although Ubuntu
lacks a real implementation of Samba that is a transparent config to the user,
a network sharing filesystem is not really
Whatever solution is decided upon, as long as home dirs via adduser etc. are
NOT world readable then its ok.
We should also be educating users instead of getting them into bad habits such
as sharing home directories - you won't see any decent administrator set this
up on a LAN's LDAP or
No problem at all since it could be stored under Places which makes more
sense anyway.
If there is a shared folder there is no need to keep the permissions as
open anymore imho.
--
Home permissions too open
https://bugs.launchpad.net/bugs/48734
You received this bug notification because you are
A simple shared folder with an link on every user desktop would make
everyone happy but ...
--
Home permissions too open
https://bugs.launchpad.net/bugs/48734
You received this bug notification because you are a member of Ubuntu
Bugs, which is a direct subscriber.
--
ubuntu-bugs mailing list
On Sat, Aug 01, 2009 at 07:11:04AM -, unggnu wrote:
A simple shared folder with an link on every user desktop would make
everyone happy but ...
... but that's a desktop decision, not something adduser should be
doing. (And it would make me unhappy personally because it would be
noise on the
I'm afraid we'll have to agree to disagree on this one. I firmly believe
that if people have to opt in to being able to share files with each
other then they simply won't do it, or will use absurd,
expensive-for-the-Internet workarounds (like e-mailing files to each
other). Most people don't lock
On most multi-user systems, there is some level of cooperation (if not
trust) among the users - they'll be members of the same family, or
friends, or co-workers, or whatever
I don't think you can rightly make that assumption. Even if it is true
in most cases, it is better for people to opt in to
Another interesting point is that Ubuntu has a guest session which works
great but interestingly the user from which the guest session is
initiated returns with a locked screen which seems to be a security
feature. But it is still possible for the guest to access most of the
data in the home user
Maybe it wasn't clear.
A non expert Ubuntu user has tested the guest mode and find out that his screen
is locked afterwards and he could come to the impression that this is safe.
Especially since he heart Linux is much more secure than Windows and so on.
So if he has to leave he just switch to
Why not ask in the installer while the password and user name is set if the
directory should be readable or not? One line with a checkbox and an
explanation would be enough. After installation the gnome user manager should
ask the same question if a new user is added. Everyone who uses console
76 matches
Mail list logo
