bug#27135: /root is world readable by default
Ludovic Courtès writes: > Hi Alex, > > Alex Griffin skribis: > >> After a default install of GuixSD, anybody can read root's home >> directory. I think /root should have permissions 700 instead of 755. > > Fixed in 41db5a756369f5b14d1e67a523ee0940cad56744. > > For the other user accounts, useradd(8) does its thing, and apparently > it defaults to world-readable accounts (it defaults to a umask of 022 as > written in the man page). > > Thoughts? I'm in favor of overriding that default. I usually chmod /home/* to 0700 anyway. 0750 would be okay too and probably covers more use cases. signature.asc Description: PGP signature
bug#27135: /root is world readable by default
Hi Alex, Alex Griffin skribis: > After a default install of GuixSD, anybody can read root's home > directory. I think /root should have permissions 700 instead of 755. Fixed in 41db5a756369f5b14d1e67a523ee0940cad56744. For the other user accounts, useradd(8) does its thing, and apparently it defaults to world-readable accounts (it defaults to a umask of 022 as written in the man page). Thoughts? Thanks, Ludo’.
bug#27135: /root is world readable by default
After a default install of GuixSD, anybody can read root's home directory. I think /root should have permissions 700 instead of 755.
