71347 – useradd creates home directories chmoded 755 by default

Bug 71347 - useradd creates home directories chmoded 755 by default

Summary: useradd creates home directories chmoded 755 by default

Status:	RESOLVED DUPLICATE of bug 69783

Alias:	None

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	High enhancement (vote)
Assignee:	Gentoo Security

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2004-11-15 19:00 UTC by Federico Galassi
Modified:	2005-07-17 13:06 UTC (History)
CC List:	0 users

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Federico Galassi 2004-11-15 19:00:09 UTC

Home dirs are created 755 by default and umask is 0022 making files in homes readable by other users (users group).
While not being a real vulnerability, making home dirs 700 would be a sensible security default because it fits well both to shared networked computers (such as servers) and newbies who still have to learn well unix permissions and may erroneously consider their home a private place. 
Home permissions are certainly a matter of taste but keeping them strict and leaving admin in charge of customization is afaic security-wiser than the other way.


Reproducible: Always
Steps to Reproduce:

Comment 1 Rajiv Aaron Manglani (RETIRED) gentoo-dev

2004-11-15 19:07:46 UTC


*** This bug has been marked as a duplicate of 69783 ***