On Tue, Apr 14, 2009 at 08:58:58PM +0200, Ante Karamati?? wrote: > If we opt for 0700 on home directory, we should make sure everything > else works. As people already said, 0700 permission of home directories > don't make your data secure. Closest thing to usable secure data is > crypted home directory, which thanks to Dustin, we provide.
When discussed at the last UDS, the decision was to create a 0700 ~/Private directory, but it was never added to xdg-user-dirs. I'm hoping to see that fixed in Karmic. As for 0700, that will be ~/public_html/. It doesn't need read, but it does need exec. > And this is EOD from me on this article. I'm in favour of starting a > discussion about possibilities to change default permissions for home > directories. This discussion has already happened. The solution is education, or if it's really that important, a debconf question for configuring /etc/adduser.conf. -- Kees Cook Ubuntu Security Team -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam