Comment posted How to configure Debian to create new added users through adduser to be secure by default / Limiting access to other user’s information by .
Saturday, 27th April 2024
Comment posted How to configure Debian to create new added users through adduser to be secure by default / Limiting access to other user’s information by .
If you're new here, you may want to subscribe to my RSS feed. Thanks for visiting!
This entry was posted on Saturday, April 27th, 2024 at 4:07 am and is filed under Computer Security, Linux, System Administration. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.
And shall not uncircumcision which is by nature, if it fulfil the
law, judge thee, who by the letter and circumcision dost transgress
the law?
-- Romans 2:27
☩ Walking in Light with Christ – Faith, Computing, Diary 2006-2020 Powered by:
Pc Freak Solutions and Comments (RSS).
Verbatim copying and distribution of this entire article is permitted in any medium, provided this notice is preserved.
Copyright (C) 2020 by Georgi Georgiev - Website Privacy Policy
Opera/9.80 (X11; Linux x86_64; U; en) Presto/2.6.30 Version/10.61
Should it not be chmod -R 750 /root, or chmod -R o-rx /root
View CommentView CommentMozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.14 Safari/534.3
Surely you mean the following:
debian:~# chmod -R 750 /root
View CommentView Commentdebian:~# for i in /home/*; do echo chmod -R 750 $i;
Mozilla/5.0 (X11; U; Linux x86_64; en-us) AppleWebKit/531.2+ (KHTML, like Gecko) Safari/531.2+ Debian/squeeze/sid () Epiphany/2.29.92
yes in the hurry it seems I put a wrong number 🙂
View CommentView CommentOpera/9.80 (Windows NT 6.1; U; pl) Presto/2.6.30 Version/10.60
Your chmods shoul be 750 not 755, because it wouldn’t change anything 🙂
View CommentView CommentMozilla/5.0 (X11; U; Linux i686; es-ES; rv:1.9.1.10) Gecko/20100623 Iceweasel/3.5.10 (like Firefox/3.5.10)
‘I have no clear clue why the Debian development team has taken the decision to set such an insecure permissions by default,’
I do believe that’s a heritage thing from umask=0022 times.
I always change /etc/adduser.conf too (like you) AND umask settings.
In your example debian:~# chmod -R 755 /root I think that’s a typo, isn’t?
Maybe you mean debian:~# chmod -R 750 /root
Same thing to your second example (755 instead 750).
View CommentView CommentMozilla/5.0 (X11; U; Linux x86_64; en-us) AppleWebKit/531.2+ (KHTML, like Gecko) Safari/531.2+ Debian/squeeze/sid () Epiphany/2.29.92
yes it’s a type thanks for noting it!
View CommentView CommentBest
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.8) Gecko/20100722 Firefox/3.6.8
“for i in /home/*; do echo chmod -R 755 $i; done “
I guess it should be chmod -R 700 in the script.
View CommentView CommentMozilla/5.0 (X11; U; Linux x86_64; en-GB; rv:1.9.2.7) Gecko/20100723 Fedora/3.6.7-1.fc13 Firefox/3.6.7
Old bug “/root is world readable”:
View CommentView Commenthttp://bugs.debian.org/cgi-bin/bugreport.cgi?bug=295858
Mozilla/5.0 (X11; U; Linux x86_64; en-us) AppleWebKit/531.2+ (KHTML, like Gecko) Safari/531.2+ Debian/squeeze/sid () Epiphany/2.29.92
Yes you’re right
View CommentView CommentMozilla/5.0 (X11; U; Linux x86_64; en-GB; rv:1.9.2.7) Gecko/20100723 Fedora/3.6.7-1.fc13 Firefox/3.6.7
I think it’s wrong to recursively change the ownerships on people’s files. You should only change the permissions on their home directory.
View CommentView CommentMozilla/5.0 (X11; U; Linux x86_64; en-us) AppleWebKit/531.2+ (KHTML, like Gecko) Safari/531.2+ Debian/squeeze/sid () Epiphany/2.29.92
Guess you’re right but yet, if only the users directory permissions are changed somebody could try to guess the user files and he will be able to read them if he is lucky. Thus it might be better that way sometimes.
View CommentView CommentMozilla/5.0 (X11; U; Linux x86_64; en-GB; rv:1.9.2.7) Gecko/20100723 Fedora/3.6.7-1.fc13 Firefox/3.6.7
No it doesn’t work like that – try it.
View CommentView CommentMozilla/5.0 (X11; U; Linux x86_64; en-us) AppleWebKit/531.2+ (KHTML, like Gecko) Safari/531.2+ Debian/squeeze/sid () Epiphany/2.29.92
Yep I just gave it a try, You’re right. the “-R” option is not necessary in the for loop. I’ve fixed that in the article.
Thanks for noting it!
Will be seeing you around,
Wish you best!
Georgi
View CommentView CommentMozilla/4.0 (compatible; MSIE 5.5; Windows NT 4.0; .NET CLR 1.0.2914)
hey orada gday þekilde ailesine vereceðiz site . Seçilmisl?r? fark I anybody hansi site haqqinda bir . !
View CommentView CommentMozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 (.NET CLR 3.5.30729)
If some one needs to be updated with newest technologies after that he must be go to see this site and be up to date every day.
View CommentView Comment