View Poll Results: What do you think about the Ubuntu default (home dirs readable by other users)?

Voters: 69
  • I love the default. That's the way it should be. (8 votes, 11.59%)
  • I don't care either way. (18 votes, 26.09%)
  • I don't like the default, but it's easy to change manually so it's okay. (12 votes, 17.39%)
  • I don't like the default and want it changed but it's not a big deal. (8 votes, 11.59%)
  • I don't like the default and want it changed and it is a big deal. (18 votes, 26.09%)
  • I don't like the default so much that I'm going to use another distro (1 vote, 1.45%)
  • I still don't understand what the issue is. (2 votes, 2.90%)
  • Other position (please explain) (2 votes, 2.90%)

Thread: Ubuntu makes user home directories readable by other users

  1. #1
    Join Date
    Oct 2007
    Beans
    102

    Ubuntu makes user home directories readable by other users

    Hi,

    Edit 2: This is getting scary... Mods have now seen fit to try to bury this in another forum...

    The attitude is that nothing must change.

    Edit: An overzealous mod has made this thread very confusing by merging several other threads

    What this thread is about is exploring the logic behind the decision to make Ubuntu users' Home directories readable by anyone on the box.

    This is the original posting:

    Hi,

    It has recently come to my attention that Ubuntu Desktop sets users' Home folders up as readable by any other user on the box.

    To me this is an utterly astonishing thing for a modern operating system to do. I have slept on it and I'm still stunned. When I come across something which to me is so obviously off-the-scale insane but is a decision which has been taken by otherwise rational people, it makes me very curious about the logic they applied when the decision was made.

    I can only assume that not enough people know about this issue or they would be up in arms about it. It would never have occurred to me that it was the case only I stumbled over it by a fluke.

    I respect Ubuntu too much to let this one just go by. Ubuntu is the nearest thing we have to an effective weapon against Microsoft and this is an Achilles heel.

    Ubuntu touts itself as 'Secure by design' and many sensible decisions have been taken in this regard: we all have separate user accounts, no services run by default, to log in you need to know a username *and* a password by default, etc, etc. All sensible and logical. There is even a 'sticky' at the top of the 'Security' forum saying words to the effect of 'Use strong passwords and change them regularly'.

    Then all home folders are readable by anyone else on the box by default!!

    What is the point of *any* password if this is the case?

    I have been pointed to places like this
    http://brainstorm.ubuntu.com/idea/6106/
    and read through the arguments. Some are saying it's not a security issue, it's a privacy issue. To me this is a red herring. A user's home folder should be private *and* secure, period.

    I also see 'If someone boots up from a live CD they can read your home folder anyway, so what's the point?'

    This is a ridiculous argument. It's like saying 'Don't bother wearing a seatbelt when you are driving, If you get hit by a 20-Tonne truck, you're dead anyway, so what's the point?'

    Others are saying it's a convenience thing for people to share files. Well, that's certainly true.

    Having World-readable Home folders is totally inconsistent with a modern OS! It needs to be fixed!

    Of course we need shared folders but we can quite easily have both shared folders and Private and Secure Home folders. They are not exclusive.

    To me, the sensible model is the OSX one: Home folders are readable but any folder within this is not, other than the Web/Apache folder and the Shared folder. This is logical, secure and private. It is also convenient in terms of sharing files.

    In fact I would go one step further and have two folders within the Home folder: Private and Shared. Then the conventional folders under these. But I understand that this may be a step too far

    Please explain to me the logic behind the current setup, if there is any.

    *And* let's not go round the 'It's easy to fix, just do this that and the other' block, I'm talking about *Default settings*. It's important!

    Discuss please

    Simon


    The mid-section may be of interest as background but please jump to about page three for my quest to understand why the decision was made to make home folders world readable.

    ************************************************** ************************************

    Odd one this...

    I was given an old computer by our local school. It only has a 40GB drive in it so I hooked up a 320GB USB drive to it.

    My boot partition is now on the 40GB drive and *everything* else is on the 320GB drive. (I would have preferred everything to be on the 320GB but couldn't get the box to boot from it)

    Now I find that when I create a new user on the box, they are able to traverse the whole file system without being jailed to their own home folder. All users seem to be able to do this.

    Even the root folder has access rights given to 'Others'.

    Is this because it's an external drive?

    What's the permanent fix? It's a drag to have to set permissions on each user specially. Even if I fix user folders manually, what do I do about the root folder?

    Thanks

    Simon
    Last edited by Smartin; July 12th, 2009 at 10:52 AM.

  2. #2
    Join Date
    Jul 2007
    Location
    Burlington, NC
    Beans
    1,994
    Distro
    Ubuntu 10.04 Lucid Lynx

    Re: Newb: Jaunty permissions all wrong!

    the external drive is probably NTFS for Windoze -
    all system and user folders in Linux should be a native format
    such as ext3, reiserfs, or ext4.

  3. #3
    Join Date
    Oct 2007
    Beans
    102

    Re: Newb: Jaunty permissions all wrong!

    Quote (originally posted by asmoore82):
    the external drive is probably NTFS for Windoze -
    all system and user folders in Linux should be a native format
    such as ext3, reiserfs, or ext4.

    asmoore82,

    Thanks for your response...

    The drive is formatted as ext3. I don't allow Windoze in the house...

    It's something else...

    Simon

  4. #4
    Join Date
    Apr 2009
    Beans
    Hidden!
    Distro
    Ubuntu 9.10 Karmic Koala

    Re: Newb: Jaunty permissions all wrong!

    When you say that all users have access to the root folder, are you talking about / or /root? If you mean / then all users should have read and execute rights, but not write rights. What is the output of
    Code:
    ls -ld /

  5. #5
    Join Date
    Oct 2007
    Beans
    102

    Re: Newb: Jaunty permissions all wrong!

    Quote (originally posted by michy99):
    When you say that all users have access to the root folder, are you talking about / or /root? If you mean / then all users should have read and execute rights, but not write rights. What is the output of
    Code:
    ls -ld /

    Michy99,

    Thanks for chipping in.

    This is beginning to ring bells now. I remember being astonished that users can roam around the Ubuntu file system at will before... It would never happen on my OSX box but let's not go there...

    Edit: I take this back!! It is possible. I definitely can't see inside another user's folders inside their home folders though, let alone open a document.

    ls -l / gives me
    Code:
    drwxr-xr-x   2 root root  4096 2009-07-10 08:21 bin
    drwxr-xr-x   4 root root  4096 2009-07-10 08:20 boot
    lrwxrwxrwx   1 root root    11 2009-07-10 08:04 cdrom -> media/cdrom
    drwxr-xr-x  16 root root  3960 2009-07-10 10:28 dev
    drwxr-xr-x 124 root root  4096 2009-07-10 10:28 etc
    drwxr-xr-x   4 root root  4096 2009-07-10 10:11 home
    lrwxrwxrwx   1 root root    33 2009-07-10 08:20 initrd.img -> boot/initrd.img-2.6.28-11-generic
    drwxr-xr-x  19 root root  4096 2009-07-10 08:21 lib
    drwx------   2 root root 16384 2009-07-10 08:03 lost+found
    drwxr-xr-x   4 root root  4096 2009-04-20 14:59 media
    drwxr-xr-x   2 root root  4096 2009-04-13 10:33 mnt
    drwxr-xr-x   2 root root  4096 2009-04-20 14:59 opt
    dr-xr-xr-x 125 root root     0 2009-07-10 09:32 proc
    drwx------   4 root root  4096 2009-07-10 09:32 root
    drwxr-xr-x   2 root root  4096 2009-07-10 08:21 sbin
    drwxr-xr-x   2 root root  4096 2009-03-06 16:21 selinux
    drwxr-xr-x   2 root root  4096 2009-04-20 14:59 srv
    drwxr-xr-x  12 root root     0 2009-07-10 09:32 sys
    drwxrwxrwt  19 root root  4096 2009-07-10 10:28 tmp
    drwxr-xr-x  11 root root  4096 2009-04-20 15:00 usr
    drwxr-xr-x  15 root root  4096 2009-04-20 15:07 var
    lrwxrwxrwx   1 root root    30 2009-07-10 08:20 vmlinuz -> boot/vmlinuz-2.6.28-11-generic
    I confess to being a newb and knowing next to nothing about this but to my mind only
    /root and /lost+found have the correct permissions. No?
    This may be as it should, and I find it incredible in itself, but the permissions in my home folder
    Code:
    drwxr-xr-x 2 myname myname 4096 2009-07-10 08:56 Desktop
    drwxr-xr-x 2 myname myname 4096 2009-07-10 08:56 Documents
    -rw-r--r-- 1 myname myname  357 2009-07-10 08:17 examples.desktop
    drwxr-xr-x 2 myname myname 4096 2009-07-10 08:56 Music
    drwxr-xr-x 2 myname myname 4096 2009-07-10 08:56 Pictures
    drwxr-xr-x 2 myname myname 4096 2009-07-10 08:56 Public
    drwxr-xr-x 2 myname myname 4096 2009-07-10 08:56 Templates
    drwxr-xr-x 2 myname myname 4096 2009-07-10 08:56 Videos
    seem to allow any other user to access all my files.

    I have just tested this by creating a test user and saving a test file on my own desktop. The test user can open and read the document when logged in to their own account.

    This is on a fresh install of Jaunty, installed since my first post to make *triply* sure everything is formatted as ext3.

    How can this happen? What is the permanent fix?

    Isn't it a security risk to allow all users access, in any way, to the root file system? It gives me a heads-up as to username/password for a start...

    I'm sure this is user error but I'm still astonished/intrigued...

    Help please!!

    Simon
    Last edited by Smartin; July 10th, 2009 at 12:13 PM.

  6. #6
    Join Date
    Jan 2006
    Location
    Sunny Southend-on-Sea
    Beans
    5,409
    Distro
    Ubuntu 13.04 Raring Ringtail

    Re: Newb: Jaunty permissions all wrong!

    Quote (originally posted by Smartin):
    the permissions in my home folder
    seem to allow any other user to access all my files.

    Yes. I don't know why it's like that, but a default install does allow each user to see the contents of each other user's Home folders. Just remove the read permission for group and others and you should be fine.

    Quote:
    Isn't it a security risk to allow all users access, in any way, to the root file system? It gives me a heads-up as to username/password for a start...

    How would one run the programs that are stored on the filesystem if one could not access the filesystem? And I have no idea how you might guess anyone's password from anything in the filesystem.

    Knowing the username of other users when you already have access to the machine is pretty standard. You can have the login screen show you what they all look like too if you like.

    It is possible to set your machine up to run as a kiosk if you want, but I doubt that it is.
    None but ourselves can free our minds

  7. #7
    Join Date
    Oct 2007
    Beans
    102

    Re: Newb: Jaunty permissions all wrong!

    Catkiller,
    Quote (originally posted by CatKiller):
    Yes. I don't know why it's like that, but a default install does allow each user to see the contents of each other user's Home folders. Just remove the read permission for group and others and you should be fine.

    So it seems... But surely actually being able to *read a document* isn't right??

    I find it incredible that another user can even *see inside* my home folder! Incredible!

    I understand it's easily remedied but it just shouldn't be that way.

    Quote:
    How would one run the programs that are stored on the filesystem if one could not access the filesystem? And I have no idea how you might guess anyone's password from anything in the filesystem.

    Knowing the username of other users when you already have access to the machine is pretty standard. You can have the login screen show you what they all look like too if you like.

    Surely running an application is different from actually roaming around the system? A malicious user could garner all sorts of useful info.

    As to the username/password issue, the default is that you have to know *both* the username and the password to log in. This seems sensible. Once I can roam around the file system, I can see the username quite easily. 50% less secure in a moment. Very uncool.

    As to being able to actually open another user's documents, that's plain ridiculous! Surely that's not intended.

    *Please* tell me I screwed up my install somehow or that it's due to my home folders being on an external disk. *Please*...

    Simon

  8. #8
    Join Date
    Mar 2009
    Location
    East London, South Africa
    Beans
    26

    Re: Newb: Jaunty permissions all wrong!

    Try:
    Code:
    sudo chmod 700 /home/*
    ubuntu -- linux for human beings
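
Added example (not part of Mka's post or of the thread): the `chmod 700 /home/*` one-liner changes every entry under `/home` without showing what was open beforehand. The script below, which assumes GNU `stat` and uses function names invented here, lists the home directories that grant any group or other permission and tightens them only when asked to.

```bash
#!/bin/bash
# Added example: audit and optionally tighten top-level home directories.
# Function names and the "yes" switch are inventions of this example.
# Assumes GNU stat (stat -c), as shipped on Ubuntu.

# Print "MODE OWNER PATH" for every directory directly under $1 whose
# mode grants any permission to group or others.
list_open_homes() {
    local base="${1:-/home}" dir mode owner
    for dir in "$base"/*/; do
        [ -d "$dir" ] || continue        # glob matched nothing
        dir=${dir%/}
        [ -L "$dir" ] && continue        # skip symlinks; audit real dirs only
        mode=$(stat -c '%a' "$dir")      # octal mode, e.g. 755
        owner=$(stat -c '%U' "$dir")
        # The low six bits are the group and other permissions.
        if [ $(( 0$mode & 077 )) -ne 0 ]; then
            printf '%s %s %s\n' "$mode" "$owner" "$dir"
        fi
    done
}

# Strip group/other bits from the directories reported above.
# Dry run unless the second argument is "yes".
tighten_homes() {
    local base="${1:-/home}" apply="${2:-no}" mode owner dir
    list_open_homes "$base" | while read -r mode owner dir; do
        if [ "$apply" = yes ]; then
            chmod go-rwx "$dir" &&
                echo "fixed $dir ($mode -> $(stat -c '%a' "$dir"))"
        else
            echo "would run: chmod go-rwx $dir (mode $mode, owner $owner)"
        fi
    done
}

# Example invocations:
#   list_open_homes /home        # report only
#   tighten_homes /home          # show what would change
#   sudo bash -c '. ./this_script; tighten_homes /home yes'
```

Removing the execute bit for others on the home directory itself blocks traversal, so files beneath it become unreachable to other non-root accounts even though their own modes stay at 644 or 755. On Ubuntu, home directories created later by `adduser` take their mode from `DIR_MODE` in `/etc/adduser.conf`.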

  9. #9
    Join Date
    Oct 2007
    Beans
    102

    Re: Newb: Jaunty permissions all wrong!

    Quote (originally posted by Mka):
    Try:
    Code:
    sudo chmod 700 /home/*

    Mka,

    Thanks for that but my point is that it should absolutely not be necessary.

    It's seriously making me re-evaluate whether I keep using Ubuntu as a Desktop OS.

    ... and I'm still convinced that I shouldn't be able to actually *open* another user's documents...

    Everyone seems pretty cool about this. I'm stunned.

    Simon

  10. #10
    Join Date
    Apr 2009
    Beans
    Hidden!
    Distro
    Ubuntu 9.10 Karmic Koala

    Re: Newb: Jaunty permissions all wrong!

    If you have anything you want to keep private, you need to encrypt it. Even if you set your home folder to 700 and don't give other users admin privileges, all they have to do is boot from a live CD and they have access to anything on the disk. This is true of any operating system.
