Whoa...Robbie, I'm just looking out for all the new user's and admin's
that are coming in from other platforms that could reasonably be
surprised by this and not Unix/Linux veteran's who broke their teeth
with vi on Slackware, etc..
Believe it or not, with WSL-2 and other notable advancements of Ubuntu
coming on to the radar of mainstream and mostly Microsoft-trained
admin's, we have an _opportunity_ here to create mindshare and loyalty
for migrations of huge workloads to our platform-of-choice and,
arguably, the best platform for safer and more secure computing as
opposed to having the majority of PC users in the world stay on one
company's monoculture-vision of desktop computing.
I'm attempting to spread the Gospel-of-GNU(Ubuntu) everywhere. We're on
the same team, my friend.
Obscure wiki articles and 13-year old "opinion"-marked bugs will _not_
be the first place new admins or users will find out about this issue!
Heck, I've been a Linux user since 2004("Red Hat 8"(before Fedora was
even a thing) box-set purchased at a CompUSA store), then Slackware and
an Ubuntu convert since 2012 or so. I should know better than to leave
multi-user seats unaudited for permissions after creation(or even during
by not having edited the adduser.conf file). But even I just _assumed_
that a modern desktop would surely put security ahead of convenience! I
didn't even know that this "security" issue was a "feature" till I
started setting-up multi-user local seats and even then--I may have just
started using ecryptfs as a workaround. Now--even that option is gone
from user(admin)-facing installer widgets.
Put yourself in the shoes of a new or migrating small to medium sized
business CIO or IT-manager looking to convert from the soon-to-be out-
of-service "Windows 7" in order to keep fleets of older boxes running
for daily knowledge-worker or office-productivity users who share
desktop PC's over the course of 24/7 shifts at the office. What would
you think if every system that you had installed or understood to be the
out-of-box defaults for the past few decades was based on blocking vs
allowing? And you took the risk of allowing this "Linux-
thing"(yes...this is what I have heard it called many times) only to
discover the opposite, a permissive rule set, without any warning.
Ubuntu is growing rapidly...I want to see it succeed despite it's geeks-
only reputation. I think sensible defaults are good to always be working
on(not just "opining" about in 13-year old bugs).
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to adduser in Ubuntu.
https://bugs.launchpad.net/bugs/48734
Title:
Home permissions too open
Status in adduser package in Ubuntu:
Opinion
Status in Ubuntu RTM:
New
Bug description:
Binary package hint: debian-installer
On a fresh dapper install i noticed that the file permissons for the
home directory for the user created by the installer is set to 755,
giving read access to everyone on the system.
Surely this is a bad idea? If your set on the idea can we atleast have
a option during the boot proccess?
Also new files that are created via the console ('touch' etc.) are
done so with '644' permissons, is there anything that can be done
here? nautlius seems to create files at '600', which is a better
setting.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/adduser/+bug/48734/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
