Page 2 of 2 FirstFirst 12
Results 11 to 16 of 16

Thread: WARNING: Banning "other" from $HOME: Don't do it like I did!

  1. #11
    Join Date
    May 2006
    Location
    Switzerland
    Beans
    2,752
    Distro
    Ubuntu 20.04 Focal Fossa

    Re: WARNING: Banning "other" from $HOME: Don't do it like I did!

    Quote Originally Posted by The Cog View Post
    How did you change the permissions?
    OP has a 2nd thread here about the same topic:
    https://ubuntuforums.org/showthread.php?t=2460569

  2. #12
    Join Date
    Jun 2019
    Location
    Dirndl-land
    Beans
    749
    Distro
    Lubuntu 20.04 Focal Fossa

    Re: WARNING: Banning "other" from $HOME: Don't do it like I did!

    My Apologies!!
    After a detailed analysis, I've found out that the removal of the "other" permissions is NOT the culprit.
    Rather, it's messy ownership of some of the directories, where not every directory/file was assigned to the correct owner.
    I've fixed this issue with a new install and restore, and am confident that it will work (but have made an extra backup just in case).
    I'm not as restrictive as @TheFu and target a 750 rights environment. That way interaction between users is still possible.

    Again, Sorry, Mea Culpa.

  3. #13
    Join Date
    Mar 2010
    Location
    Squidbilly-Land
    Beans
    Hidden!
    Distro
    Ubuntu

    Re: WARNING: Banning "other" from $HOME: Don't do it like I did!

    Quote Originally Posted by ml9104 View Post
    My Apologies!!
    After a detailed analysis, I've found out that the removal of the "other" permissions is NOT the culprit.
    Rather, it's messy ownership of some of the directories, where not every directory/file was assigned to the correct owner.
    I've fixed this issue with a new install and restore, and am confident that it will work (but have made an extra backup just in case).
    I'm not as restrictive as @TheFu and target a 750 rights environment. That way interaction between users is still possible.

    Again, Sorry, Mea Culpa.
    In a default Ubuntu desktop environment, there is no practical difference between 750 and 700 since the group is also unique to the userid and doesn't have any other members. We often get lazy here, make assumptions based on Ubuntu and don't explain things clearly in the interest of not confusing people new to permissions.

    And just like it is easy for us not to spend time explaining the "group" aspects, I could see where end-users wouldn't bother to learn and understand those either until they need them.

  4. #14
    Join Date
    Jun 2019
    Location
    Dirndl-land
    Beans
    749
    Distro
    Lubuntu 20.04 Focal Fossa

    Re: WARNING: Banning "other" from $HOME: Don't do it like I did!

    Deleted/misunderstood. Sorry.
    Last edited by ml9104; April 26th, 2021 at 11:35 PM.

  5. #15
    Join Date
    Jun 2019
    Location
    Dirndl-land
    Beans
    749
    Distro
    Lubuntu 20.04 Focal Fossa

    Re: WARNING: Banning "other" from $HOME: Don't do it like I did!

    Quote Originally Posted by TheFu View Post
    In a default Ubuntu desktop environment, there is no practical difference between 750 and 700 since the group is also unique to the userid and doesn't have any other members. We often get lazy here, make assumptions based on Ubuntu and don't explain things clearly in the interest of not confusing people new to permissions.

    And just like it is easy for us not to spend time explaining the "group" aspects, I could see where end-users wouldn't bother to learn and understand those either until they need them.
    This is very dependent on the working environment.
    I use Group membership to temporarily allow access from one user to another or vice versa. Instead of carrying USB-thumbs back and forth.

  6. #16
    Join Date
    Mar 2010
    Location
    Squidbilly-Land
    Beans
    Hidden!
    Distro
    Ubuntu

    Re: WARNING: Banning "other" from $HOME: Don't do it like I did!

    Quote Originally Posted by ml9104 View Post
    This is very dependent on the working environment.
    I use Group membership to temporarily allow access from one user to another or vice versa. Instead of carrying USB-thumbs back and forth.
    Have you looked at the gpasswd command? This lets us set a password on a "group" that can be shared quickly with non-members, then either changed or removed. Group members won't be bothered for the password.

    From the manpage:
    Code:
           If a password is set the members can still use newgrp(1) without a
           password, and non-members must supply the password.
    
       Notes about group passwords
           Group passwords are an inherent security problem since more than one
           person is permitted to know the password. However, groups are a
           useful tool for permitting co-operation between different users.
    ...
           -A, --administrators user,...
               Set the list of administrative users.
    the -A flag means non-sudoers can still be group managers. Handy for dynamic software development teams with visiting developers.

    Just another option for consideration.

Page 2 of 2 FirstFirst 12

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •