I will be out of the office until 9th January, in my absense please contact Nick Tait
On 14 Nov 2012, at 23:03, Alexander Adam <48...@bugs.launchpad.net> wrote: > Sorry but the decision still doesn't make any sense to me. > I have to change the default permissions on every installation which is > indeed *not* usability friendly. > > Besides that the public-dir would be perfect for this (wouldn't it be > possible to symlink public to a directory outside of users home and so leave > it accessible for everyone?): I never ever intenionally shared files between > home-dirs. > Addionally I have to add that I even talked with many colleagues and friends > for this "feature" and (surprise surprise) they also don't use this "feature". > > But many people doesn't know that a default ubuntu-installation behaves like > this. And this is the real danger. > If you want a proof you can find many more people in the web who where > negative surprised (besides the ones in this bug-ticket). > Wether in ubuntu forums, askubuntu.com, blogs or here on launchpad: obviously > no one is expecting that. > > And even IF Colin Watson amazingly really have more cases with public > read access than private access then it should be at least decidable by > the user (as mentioned by himself in #8). And I don't mean by > /etc/adduser.conf but in the GUI (ie an checkbox in usermanagement > wether the home-dir should be readable and/or a checkbox on the > installer). > > Furthermore like David Henningsson already said: if you have even a > public dir wouldn't it be intuitive to expect that the other directories > and files aren't public? > > I totally agree with aysiu what the defaults should like and I also > think like flaccid that even IF somewant WANTS to share his home-dir it > is the worst idea to share files. There are thousands of possibilities > but sharing the whole home directory should be the default? > > Marc Deslauriers even if every tool which stores the permissions > correct: as long as the user doesn't knows that his files are visible it > is still an terrible issue - isn't it? If the user manages his files > which leads to unintentinally public data there is definitely a need to > improve something. > > It was a phantastic step to offer simple solutions for encrypting the whole > disk, home- or private-dir. But even if I have a fresh installation with an > encrypted disk and I prohibited booting from usb or networking there could be > a case like this: > I am booting the system (type the passphrase) and leaving the room for a > moment than someone could login to the (default-activated?) guest login and > steal my data. In this case the attacker needs nearly nothing for getting > everything. > And even in "smaller" circles when family members share accounts on one > computer they mostly expect their home dir is their little home - including a > little amount of privacy. > > And to complete the analogy in "real life". See the home-dir like a real > home with your own room. Inner-flat doors are often lockable even if you > know that these locks give just a low-level-security. > > For a project which claims to listen to their customers: with all due > respect but nobody seems to really listen here (or on ubuntu forums, > askubuntu, …) while they are good reasons mentioned for a meaningful > revision. > > So Mark Shuttleworth: No facts or circumstances changed, because there > are still many people who think that the default is wrong, but is that > really not a reason enough? > > Or make a poll and ask them at least. > > -- > You received this bug notification because you are a member of Canonical > User Experience and Design team, which is subscribed to a duplicate bug > report (460490). > https://bugs.launchpad.net/bugs/48734 > > Title: > Home permissions too open > > Status in “adduser” package in Ubuntu: > Opinion > > Bug description: > Binary package hint: debian-installer > > On a fresh dapper install i noticed that the file permissons for the > home directory for the user created by the installer is set to 755, > giving read access to everyone on the system. > > Surely this is a bad idea? If your set on the idea can we atleast have > a option during the boot proccess? > > Also new files that are created via the console ('touch' etc.) are > done so with '644' permissons, is there anything that can be done > here? nautlius seems to create files at '600', which is a better > setting. > > To manage notifications about this bug go to: > https://bugs.launchpad.net/ubuntu/+source/adduser/+bug/48734/+subscriptions -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/48734 Title: Home permissions too open To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/adduser/+bug/48734/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
