Hi,
Edit 2: This is getting scary... Mods have now seen fit to try to bury this in another forum...
The attitude is that nothing must change.
Edit: An overzealous mod has made this thread very confusing by merging several other threads
What this thread is about is exploring the logic behind the decision to make Ubuntu users' Home directories readable by anyone on the box.
This is the original posting:
Hi,
It has recently come to my attention that Ubuntu Desktop sets users' Home folders up as readable by any other user on the box.
To me this is an utterly astonishing thing for a modern operating system to do. I have slept on it and I'm still stunned. When I come across something which to me is so obviously off-the-scale insane but is a decision which has been taken by otherwise rational people, it makes me very curious about the logic they applied when the decision was made.
I can only assume that not enough people know about this issue or they would be up in arms about it. It would never have occurred to me that this was the case; I only stumbled over it by a fluke.
I respect Ubuntu too much to let this one just go by. Ubuntu is the nearest thing we have to an effective weapon against Microsoft and this is an Achilles heel.
Ubuntu touts itself as 'Secure by design' and many sensible decisions have been taken in this regard: we all have separate user accounts, no services run by default, to log in you need to know a username *and* a password by default, etc., etc. All sensible and logical. There is even a 'sticky' at the top of the 'Security' forum saying words to the effect of 'Use strong passwords and change them regularly'.
Then all home folders are readable by anyone else on the box by default!!
What is the point of *any* password if this is the case?
I have been pointed to places like this
http://brainstorm.ubuntu.com/idea/6106/
and read through the arguments. Some are saying it's not a security issue, it's a privacy issue. To me this is a red herring. A user's home folder should be private *and* secure, period.
I also see 'If someone boots up from a live CD they can read your home folder anyway, so what's the point?'
This is a ridiculous argument. It's like saying 'Don't bother wearing a seatbelt when you are driving. If you get hit by a 20-tonne truck, you're dead anyway, so what's the point?'
Others are saying it's a convenience thing for people to share files. Well, that's certainly true.
Having world-readable Home folders is totally inconsistent with a modern OS! It needs to be fixed!
Of course we need shared folders but we can quite easily have both shared folders and Private and Secure Home folders. They are not exclusive.
To me, the sensible model is the OSX one: Home folders are readable but any folder within this is not, other than the Web/Apache folder and the Shared folder. This is logical, secure and private. It is also convenient in terms of sharing files.
In fact I would go one step further and have two folders within the Home folder: Private and Shared. Then the conventional folders under these. But I understand that this may be a step too far.
Please explain to me the logic behind the current setup, if there is any.
*And* let's not go round the 'It's easy to fix, just do this, that and the other' block. I'm talking about *default settings*. It's important!
Discuss, please.
Simon
The mid-section may be of interest as background but please jump to about page three for my quest to understand why the decision was made to make home folders world readable.
**************************************************************************************
Odd one this...
I was given an old computer by our local school. It only has a 40GB drive in it so I hooked up a 320GB USB drive to it.
My boot partition is now on the 40GB drive and *everything* else is on the 320GB drive. (I would have preferred everything to be on the 320GB but couldn't get the box to boot from it)
Now I find that when I create a new user on the box, they are able to traverse the whole file system without being jailed to their own home folder. All users seem to be able to do this.
Even the root folder has access rights given to 'Others'.
Is this because it's an external drive?
What's the permanent fix? It's a drag to have to set permissions on each user specially. Even if I fix user folders manually, what do I do about the root folder?
Thanks
Simon
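Added example, not part of Simon's post or of Ubuntu's own tooling: a small POSIX shell audit that finds home directories readable by every user on the box, counts how many private top-level folders inside a home are exposed, and then applies the layout the post calls the OS X model (home directory itself traversable so shared folders can be reached, everything inside it private, shared folders readable). It assumes GNU coreutils `stat -c %a` (Linux), that the shared folders are named Public and Sites, and the demo builds a throwaway home tree under mktemp rather than touching /home.

```sh
#!/bin/sh
# Added example (not from the original post). Audits home directories for the
# world-readable default discussed in the thread and applies the "OS X model":
# home dir 755, every top-level entry inside it 700/600, shared folders 755.
# Assumes GNU coreutils stat (Linux). Shared folder names are an assumption.

SHARED_DIRS="Public Sites"

# others_bits PATH: print the "others" permission digit (0-7) of PATH.
others_bits() {
    mode=$(stat -c %a "$1")        # octal mode, e.g. 755 or 2755
    echo "${mode#"${mode%?}"}"     # last character is the others digit
}

# is_world_readable PATH: succeed when any user on the box has the read bit.
is_world_readable() {
    o=$(others_bits "$1")
    [ $(( o & 4 )) -ne 0 ]
}

# is_shared NAME: succeed when NAME is one of the folders meant to be shared.
is_shared() {
    for s in $SHARED_DIRS; do
        [ "$1" = "$s" ] && return 0
    done
    return 1
}

# list_world_readable_homes BASE: print each home under BASE (e.g. /home)
# whose contents can be listed and read by every other user.
list_world_readable_homes() {
    for h in "$1"/*/; do
        h=${h%/}
        [ -d "$h" ] || continue
        if is_world_readable "$h"; then echo "$h"; fi
    done
}

# count_exposed_private_dirs HOME: number of top-level folders inside HOME,
# hidden ones included but shared ones excluded, that any user can read.
count_exposed_private_dirs() {
    n=0
    for d in "$1"/*/ "$1"/.[!.]*/; do
        d=${d%/}
        [ -d "$d" ] || continue
        name=${d##*/}
        is_shared "$name" && continue
        if is_world_readable "$d"; then n=$((n + 1)); fi
    done
    echo "$n"
}

# apply_osx_model HOME: keep HOME traversable (755) so Public/Sites remain
# reachable, make shared folders 755, and everything else 700 (dirs) / 600
# (files). Only touches the top level; contents inherit protection from it.
apply_osx_model() {
    chmod 755 "$1"
    for e in "$1"/* "$1"/.[!.]*; do
        [ -e "$e" ] || continue
        name=${e##*/}
        if [ -d "$e" ] && is_shared "$name"; then
            chmod 755 "$e"
        elif [ -d "$e" ]; then
            chmod 700 "$e"
        else
            chmod 600 "$e"
        fi
    done
}

# demo: constructed throwaway home tree, set to the all-755 default the post
# complains about, audited before and after the fix.
demo() {
    base=$(mktemp -d)
    mkdir -p "$base/alice/Documents" "$base/alice/Public" "$base/alice/.ssh"
    : > "$base/alice/.bash_history"
    chmod -R 755 "$base/alice"
    echo "world-readable homes: $(list_world_readable_homes "$base")"
    echo "exposed private dirs before: $(count_exposed_private_dirs "$base/alice")"
    apply_osx_model "$base/alice"
    echo "exposed private dirs after:  $(count_exposed_private_dirs "$base/alice")"
    rm -rf "$base"
}

demo
```

Run it against a real box with `list_world_readable_homes /home` to see which homes are exposed; a 0 from `count_exposed_private_dirs` on a home means its non-shared folders are no longer readable by other users. The script only repairs existing homes; the default for users created later comes from the DIR_MODE setting that Ubuntu's adduser reads from /etc/adduser.conf, which is where the thread's question about defaults actually lives.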