View Poll Results: What do you think about the Ubuntu default (home dirs readable by other users)?

Voters: 69

  • I love the default. That's the way it should be. (8 votes, 11.59%)
  • I don't care either way. (18 votes, 26.09%)
  • I don't like the default, but it's easy to change manually so it's okay. (12 votes, 17.39%)
  • I don't like the default and want it changed but it's not a big deal. (8 votes, 11.59%)
  • I don't like the default and want it changed and it is a big deal. (18 votes, 26.09%)
  • I don't like the default so much that I'm going to use another distro (1 vote, 1.45%)
  • I still don't understand what the issue is. (2 votes, 2.90%)
  • Other position (please explain) (2 votes, 2.90%)

Thread: Ubuntu makes user home directories readable by other users

  1. #1

    Ubuntu makes user home directories readable by other users

    Hi,

    Edit 2: This is getting scary... Mods have now seen fit to try to bury this in another forum...

    The attitude is that nothing must change.

    Edit: An overzealous mod has made this thread very confusing by merging several other threads.

    What this thread is about is exploring the logic behind the decision to make Ubuntu users' Home directories readable by anyone on the box.

    This is the original posting:

    Hi,

    It has recently come to my attention that Ubuntu Desktop sets users' Home folders up as readable by any other user on the box.

    To me this is an utterly astonishing thing for a modern operating system to do. I have slept on it and I'm still stunned. When I come across something which to me is so obviously off-the-scale insane but is a decision which has been taken by otherwise rational people, it makes me very curious about the logic they applied when the decision was made.

    I can only assume that not enough people know about this issue or they would be up in arms about it. It would never have occurred to me that it was the case only I stumbled over it by a fluke.

    I respect Ubuntu too much to let this one just go by. Ubuntu is the nearest thing we have to an effective weapon against Microsoft and this is an Achilles heel.

    Ubuntu touts itself as 'Secure by design' and many sensible decisions have been taken in this regard: we all have separate user accounts, no services run by default, to log in you need to know a username *and* a password by default, etc, etc. All sensible and logical. There is even a 'sticky' at the top of the 'Security' forum saying words to the effect of 'Use strong passwords and change them regularly'.

    Then all home folders are readable by anyone else on the box by default!!

    What is the point of *any* password if this is the case?

    I have been pointed to places like this
    http://brainstorm.ubuntu.com/idea/6106/
    and read through the arguments. Some are saying it's not a security issue, it's a privacy issue. To me this is a red herring. A user's home folder should be private *and* secure, period.

    I also see 'If someone boots up from a live CD they can read your home folder anyway, so what's the point?'

    This is a ridiculous argument. It's like saying 'Don't bother wearing a seatbelt when you are driving, If you get hit by a 20-Tonne truck, you're dead anyway, so what's the point?'

    Others are saying it's a convenience thing for people to share files. Well, that's certainly true.

    Having World-readable Home folders is totally inconsistent with a modern OS! It needs to be fixed!

    Of course we need shared folders but we can quite easily have both shared folders and Private and Secure Home folders. They are not exclusive.

    To me, the sensible model is the OSX one: Home folders are readable but any folder within this is not, other than the Web/Apache folder and the Shared folder. This is logical, secure and private. It is also convenient in terms of sharing files.

    In fact I would go one step further and have two folders within the Home folder: Private and Shared. Then the conventional folders under these. But I understand that this may be a step too far.

    Please explain to me the logic behind the current setup, if there is any.

    *And* let's not go round the 'It's easy to fix, just do this that and the other' block, I'm talking about *Default settings*. It's important!

    Discuss please

    Simon


    The mid-section may be of interest as background but please jump to about page three for my quest to understand why the decision was made to make home folders world readable.

    ****************************************************************************************

    Odd one this...

    I was given an old computer by our local school. It only has a 40GB drive in it so I hooked up a 320GB USB drive to it.

    My boot partition is now on the 40GB drive and *everything* else is on the 320GB drive. (I would have preferred everything to be on the 320GB but couldn't get the box to boot from it)

    Now I find that when I create a new user on the box, they are able to traverse the whole file system without being jailed to their own home folder. All users seem to be able to do this.

    Even the root folder has access rights given to 'Others'.

    Is this because it's an external drive?

    What's the permanent fix? It's a drag to have to set permissions on each user specially. Even if I fix user folders manually, what do I do about the root folder?

    Thanks

    Simon
    Last edited by Smartin; July 12th, 2009 at 10:52 AM.
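
An added example, not part of the original post: a shell audit that reads the "others" permission bits to show what other local users can see in each home directory, comparing the all-readable default discussed above with the "readable home, private subfolders" model. It assumes GNU stat (as on Ubuntu); the sample tree and the user names alice, bob and carol are constructed.

```shell
#!/bin/sh
# Added example, not from the thread. Needs GNU stat (as on Ubuntu).
# Print the octal permission digit that applies to "others" for a path.
other_digit() {
    mode=$(stat -c '%a' "$1") || return 1
    printf '%s\n' "${mode#"${mode%?}"}"
}

# Classify a home directory by what other local users can do with it.
classify_home() {
    case "$(other_digit "$1")" in
        4|5|6|7) echo listable ;;      # r set: others can list file names
        1|3)     echo traverse-only ;; # x only: known paths reachable, no listing
        *)       echo private ;;       # neither r nor x for others
    esac
}

# Print top-level entries others can read; needs x for others on the home itself.
exposed_entries() {
    case "$(other_digit "$1")" in
        1|3|5|7) ;;
        *) return 0 ;;
    esac
    for entry in "$1"/* "$1"/.[!.]*; do
        [ -e "$entry" ] || continue
        case "$(other_digit "$entry")" in
            4|5|6|7) basename "$entry" ;;
        esac
    done
}

# Constructed sample tree: alice has everything readable (the default the
# thread discusses), bob keeps Documents private, carol's home is 700.
make_sample_homes() {
    root=$(mktemp -d) || return 1
    mkdir -p "$root/alice/Documents" "$root/alice/Public" \
             "$root/bob/Documents" "$root/bob/Public" "$root/carol/Documents"
    chmod 755 "$root/alice" "$root/alice/Documents" "$root/alice/Public" \
              "$root/bob" "$root/bob/Public" "$root/carol/Documents"
    chmod 700 "$root/bob/Documents" "$root/carol"
    echo "$root"
}

SAMPLE=$(make_sample_homes)
for home in "$SAMPLE"/*; do
    printf '%s: %s; readable entries: %s\n' "$(basename "$home")" \
        "$(classify_home "$home")" "$(exposed_entries "$home" | tr '\n' ' ')"
done
rm -rf "$SAMPLE"
```

To audit a real machine, run the same two functions over each directory under /home instead of the sample tree.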
