home directory permissions
Hi I have just used the command adduser to add some users to my system. I have noticed that each user added has read rights to other users home directory. Why is this? how can i stop adduser from creating home directories with these permissions? Thankyou Charlie
Re: home directory permissions
Charlie Grosvenor [EMAIL PROTECTED] writes: I have just used the command adduser to add some users to my system. I have noticed that each user added has read rights to other users home directory. Why is this? how can i stop adduser from creating home directories with these permissions? On most of the systems I've ever administered that was the desired permission. Maybe just historical, but I can tell stories all day about users wanting to access each others directories and weren't able to because they had set there root directory permission to 700. Anyway, you were either asked whether the default should be to have home directories system-wide readable or you've set you're priority to a value high enough that it used the default when you installed adduser. You can reconfigure it like: dpkg-reconfigure --priority=low adduser and answer No to the question Do you want system wide readable home directories?. This assumes you're running testing or unstable. I don't remember if this was configurable via dpkg-reconfigure in potato. Gary
Re: home directory permissions
Hello Charlie, dpkg-reconfigure adduser It asks you, if you want this behaviour or not. Daniel Charlie Grosvenor wrote: Hi I have just used the command adduser to add some users to my system. I have noticed that each user added has read rights to other users home directory. Why is this? how can i stop adduser from creating home directories with these permissions? Thankyou Charlie
Re: home directory permissions
Gary Hennigan wrote: Charlie Grosvenor [EMAIL PROTECTED] writes: I have just used the command adduser to add some users to my system. I have noticed that each user added has read rights to other users home directory. Why is this? how can i stop adduser from creating home directories with these permissions? Actually, I think you just change the permissions in the file /etc/skel. I'm not sure though, so let us all know if that works. There may be a umask thing you'll want to change too. -- http://www.eskimo.com/~xeno [EMAIL PROTECTED] Physically I'm at: 5101 N. 45th St., Tacoma, WA, 98407-3717, U.S.A.
Re: home directory permissions
On Tue, Mar 05, 2002 at 11:11:55AM -0700, Gary Hennigan wrote: Charlie Grosvenor [EMAIL PROTECTED] writes: I have just used the command adduser to add some users to my system. I have noticed that each user added has read rights to other users home directory. Why is this? how can i stop adduser from creating home directories with these permissions? On most of the systems I've ever administered that was the desired permission. Maybe just historical, but I can tell stories all day about users wanting to access each others directories and weren't able to because they had set there root directory permission to 700. Anyway, you were either asked whether the default should be to have home directories system-wide readable or you've set you're priority to a value high enough that it used the default when you installed adduser. You can reconfigure it like: dpkg-reconfigure --priority=low adduser and answer No to the question Do you want system wide readable home directories?. This assumes you're running testing or unstable. I don't remember if this was configurable via dpkg-reconfigure in potato. Gary Thanks Gary for a very informative answer. Can I send a revised version to [EMAIL PROTECTED] for inclusion in the Debian FAQ? -- Note that I use Debian version 3.0 Linux emac140 2.4.17 #1 s?n feb 10 20:21:22 CET 2002 i686 unknown Hans Ekbrand pgpP4VwJlhTNz.pgp Description: PGP signature
Re: home directory permissions
On Tue, Mar 05, 2002 at 11:20:10AM -0800, Xeno Campanoli wrote: Gary Hennigan wrote: Charlie Grosvenor [EMAIL PROTECTED] writes: I have just used the command adduser to add some users to my system. I have noticed that each user added has read rights to other users home directory. Why is this? how can i stop adduser from creating home directories with these permissions? Actually, I think you just change the permissions in the file /etc/skel. I'm not sure though, so let us all know if that works. Changing the permissions on the files in /etc/skel, which are copied into the new user's home directory, is very unlikely to affect the permissions on the directory they're copied into. It's interesting, though, that everyone is saying to use dpkg to reconfigure adduser... IIRC, that only works for woody and sid, where you can instead edit /etc/adduser.conf and set DIR_MODE to whatever permissions you want (0755, 0700, 0750 seem like reasonable choices) for user home directories. potato doesn't appear to have a config switch to control this, but /usr/sbin/adduser is just a shell script, so you can search through it for the string 0755 and change it - although this will have to be repeated whenever you install a new version of adduser. -- When we reduce our own liberties to stop terrorism, the terrorists have already won. - reverius Innocence is no protection when governments go bad. - Tom Swiss
Re: home directory permissions
Xeno Campanoli wrote: Actually, I think you just change the permissions in the file Sorry! I meant in the directory /etc/skel! Bleh! /etc/skel. I'm not sure though, so let us all know if that works. There may be a umask thing you'll want to change too. -- http://www.eskimo.com/~xeno [EMAIL PROTECTED] Physically I'm at: 5101 N. 45th St., Tacoma, WA, 98407-3717, U.S.A.
