[Adduser-devel] Bug#398793: Default Homedir Permissions
Olaf van der Spek
olafvdspek at gmail.com
Thu Feb 17 15:07:12 UTC 2011
On Thu, Feb 17, 2011 at 3:58 PM, Roger Leigh <rleigh at codelibre.net> wrote:
> In general, I think it's fair to say that the average Debian
> installation does not require Fort Knox levels of security. Simply
> allowing other people to read our files is often something desirable;
Does other refer to other users, all other accounts or the entire world?
> if I have something especially secret, I'll take steps to make sure
> it's not readable or writeable by anyone except me. But in general,
> it's not a bad thing that others can see my stuff. I can always keep
> private things in a 0700 subdirectory.
You can, but you can easily forget that.
Note that defaulting to private does not prevent you from changing the
permissions.
> I can see that in some circumstances you might well want total control
> over who can see your files, but unless you're dealing with TOP SECRET
> stuff, I am not convinced that this is something the typical user would
> wish to have by default. Are there any common use cases which require
> this?
Like backups, the need for security is often discovered after it was necessary.
--
Olaf
More information about the Adduser-devel
mailing list