On Wed, Mar 9, 2016 at 6:17 PM, Francis Roy <li...@unimportantstuff.com> wrote:
> On 16-03-09 08:44 PM, Eric Covener wrote: > >> If you want to serve out of your home directory, it needs to be >> executable by "other". >> > > Thank you, Eric and Kurtis, both. That was the problem. > > I did the following: > sudo chmod 755 /home/username > > If I may, a follow-up question: does this create a potential security > vulnerability on my machine that I should find measures of protecting? Probably not but it's not the sort of question anyone can answer without spending a few days reviewing your situation. The reason most UNIX distros create the home directory for a user with mode 750 (no public access) is to make it impossible for other accounts on the machine, which aren't a member of your primary group, to guess whether a file is present by exploiting the search capability. In other words, if you've done "chmod 751" then even if I'm not a member of the group that owns your home directory I can execute "ls /media/username/$filename" commands (or equivalent) to probe whether $filename exists. It's a potential information leak that could theoretically be used to launch an attack. Whether that's a concern for you depends on a lot of factors. -- Kurtis Rader Caretaker of the exceptional canines Junior and Hank
