*** This bug is a duplicate of bug 48734 *** https://bugs.launchpad.net/bugs/48734
** This bug has been marked a duplicate of bug 48734
   Home permissions too open

** Information type changed from Private Security to Public Security

https://bugs.launchpad.net/bugs/1790377

Title:
  Ubuntu 18.04.1 and below: Information disclosure through world readable by default home directory permissions

Status in shadow package in Ubuntu:
  New

Bug description:
  1) Ubuntu 18.04.1

  2) package passwd 4.5-1ubuntu1 (shadow)

  3) Expected default home directory permissions of 0700 (no one should be able to read anyone else's files - probably required by European GDPR and others).

  4) Home directory permissions of the first created user (potential root via sudo) on fresh Ubuntu 18.04.1 installation are 0755 (world read and executable).

  useradd -m NEWUSER also creates home directories with 0755 permissions (rx by world).

  Creating a new User via GUI also creates home directories with 0755 permissions (rx by world). GUI unfortunately creates Documents, Music, Videos, ... with world readable permissions too (another OS I have seen insecure home directory permissions too, but there at least the subfolders did not have world readable permissions).

  Thus every local user can read files created by other local users (security type "Loss of Privacy"). That there are other ways to read non-encrypted files is no excuse for such open permissions.

  If i.e. this was a web server and Apache is badly configured it could be used to remotely read confidential information without valid credentials too (increases risk and exploitability).
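
A check for the condition this report describes, added here as an example and not part of the original bug report or of the shadow package: it reads passwd(5)-format input and lists regular accounts whose home directory grants any permission to "other". The helper names `audit_homes` and `make_fixture`, the UID range 1000-59999, the use of GNU `stat`, and the sample accounts are assumptions made for the example.

```shell
#!/bin/sh
# Added example, not from the bug report. Requires GNU stat (stat -c).

# audit_homes FILE: FILE is in passwd(5) format. Prints "user home mode" for
# each account with UID 1000-59999 (assumed regular-user range) whose home
# directory has any read/write/execute bit set for "other".
audit_homes() {
    passwd_file=$1
    while IFS=: read -r user _ uid _ _ home _; do
        case $uid in ''|*[!0-9]*) continue ;; esac     # skip malformed lines
        [ "$uid" -ge 1000 ] && [ "$uid" -le 59999 ] || continue
        [ -d "$home" ] || continue                       # no home on disk
        mode=$(stat -c '%a' "$home") || continue         # e.g. 755, 700, 2750
        other=$((mode % 10))                             # last octal digit
        if [ "$other" -ne 0 ]; then
            printf '%s %s %s\n' "$user" "$home" "$mode"
        fi
    done < "$passwd_file"
    return 0
}

# make_fixture: builds constructed sample data in a temp directory and prints
# its path. The accounts and directories are made up for the example.
make_fixture() {
    root=$(mktemp -d)
    mkdir "$root/alice" "$root/bob" "$root/svc"
    chmod 0755 "$root/alice"   # the default mode reported in the bug
    chmod 0700 "$root/bob"     # the mode the reporter expected
    chmod 0755 "$root/svc"     # system account, outside the audited UID range
    {
        printf 'alice:x:1000:1000::%s:/bin/bash\n' "$root/alice"
        printf 'bob:x:1001:1001::%s:/bin/bash\n' "$root/bob"
        printf 'svc:x:120:120::%s:/usr/sbin/nologin\n' "$root/svc"
    } > "$root/passwd"
    printf '%s\n' "$root"
}

# Run against the constructed fixture; on a real host pass /etc/passwd instead.
fixture=$(make_fixture)
audit_homes "$fixture/passwd"
rm -rf "$fixture"
```
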