Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I had a custom install of Fedora Core 4 on a couple of machines. I noticed that the permissions on the home directories have permissions set as 755 on every home directory.
This allows other users to peek into other user's home directores. Where do I change the default permissions set on home directories when they are created?
This shouldn't be a default config for a linux box. Was there something that I missed during the initial install?
It would help if you filled in the "Distribution" section of your profile - that way we would know what distribution you are using.
I am afraid that, because all distros are different and run different Window Managers, I don't have a clue how to set home directories to have certain perms when they are created.
You can, however, do a "chmod 700 /home/user" on each home directory - that would work. I'm not sure if doing a "chmod 700 /home" would solve your problem?
As J_K9 says..u can run chmod ..a recursive chmod could be something like chmod -R 700 /home but this shouldnt be the ideal way .Whenever the profile files are copied into the users home directory you should add a line to the script which says chmod -R /home/username so you dont have to do it manually each time.
To find out all the directories that currently have permissions as 755 you should use the find call.Read up on the man for the syntax...coz I have trouble remmebering it
If you "chmod -R 700 /home" then most likely the only user to access this directory will be root since the ownership is probably root:root. You could change the individual user directories though. As far as setting the default permissions, read up on umask.
As far as setting the default permissions, read up on umask.
But umask only affects the permissions of files and folders created by the user after they've been created doesn't it? For example I just did a test on my Centos4 machine here doing a simple 'useradd test'. It created /home/test with 700 permissions. My root umask is 0022.
I'd be very interested to know where useradd decides what perms to apply to the newly created home dirs.
Useradd is not a good test. Use mkdir or touch instead. umask is the permission template for new files and directories. A umask of 022 should give you a 755 directory or 644 file.
Yeah my umask is correct, but what I was asking is what does useradd use to set the permissions on the home directory? AFAICT It doesn't look like its root's umask so it must be something else.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.