On Tue, Apr 14, 2009 at 1:57 PM, Kees Cook <[email protected]> wrote: > On Tue, Apr 14, 2009 at 01:20:31PM -0500, Tony Yarusso wrote: > > I've always been a little bit uncomfortable with the choice of default > > permissions for user home directories, and would like to see some more > > discussion around that. > > > https://wiki.ubuntu.com/SecurityTeam/FAQ#Permissive%20Home%20Directory%20Permissions > > > (Past answers essentially being "it's easier > > this way", for file sharing and the like, which doesn't seem > > particularly convincing to me.) > > It is certainly a very specific trade-off that was chosen early in Ubuntu > design. But that's why /etc/adduser.conf exists. :) >
It's not just Ubuntu. IIRC, all the distros I used before switching to Ubuntu had permissive home directory permissions by default. > > -- > Kees Cook > Ubuntu Security Team > > -- > ubuntu-server mailing list > [email protected] > https://lists.ubuntu.com/mailman/listinfo/ubuntu-server > More info: https://wiki.ubuntu.com/ServerTeam >
-- ubuntu-server mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam
