LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 01-02-2007, 10:46 AM   #1
afpu
LQ Newbie
 
Registered: Jan 2007
Posts: 2

Rep: Reputation: 0
Strange changes in home directory permissions


I found this question in an old forum but no answer:

'for the user "lambda" its home directory is $HOME="/home/lambda". The default permissions for the directory "lambda" are "drwx------". When I change them to "drwx--x---" with the command "chmod g+x $HOME", a few minutes later this changement is lost.

Is there a particular configuration I should do?'

I have the exact same problem except that I want to do a+rx on the directory instead of g+x.

Why is the file permissions lost/reset ?

Any help would be appreciated.

/Anders
 
Old 01-02-2007, 03:18 PM   #2
gintaras46
LQ Newbie
 
Registered: Dec 2005
Posts: 7

Rep: Reputation: 0
Hi,

the same is for me with Mandriva. I've mentioned it beggining with Mandrake 10.1. Actualy I didn't found any solution (lack of time and too much work), but I've came the simplest way. Just added to crontab little script with "chmod -R 0777 /home". Any help how to do these changes permanent would be appreciated.

Thanks
 
Old 01-03-2007, 02:46 AM   #3
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600
I have the exact same problem except that I want to do a+rx on the directory instead of g+x.
Can I ask why?


a few minutes later this changement is lost. (..) Why is the file permissions lost/reset ?
Look for cronjobs that check and change this. I thought packages like Draksec or Msec only alerted for and didn't change things but I could be mistaken.

Last edited by unSpawn; 01-03-2007 at 02:49 AM.
 
Old 01-03-2007, 05:36 PM   #4
afpu
LQ Newbie
 
Registered: Jan 2007
Posts: 2

Original Poster
Rep: Reputation: 0
Problem solved

Ok, I only want o+x on the /home/lambda directory. I had to put some stuff there because the only file system (of two) with enough space is on /home.

I did not understand why the permissions I put on that directory was reset periodically.

I am running on security level 4 (SECURE_LEVEL=4). Don't know if that is really needed but seems to work fine otherwise.

It seems that on that level, msec is using an user umask of 077 (UMASK_USER=077) for the home directories which will clear go+rwx (which is exactly what happened for me).

For level 3, the user umask is 022 which would work for me.

I used the graphical tool in MandrivaControlPanel->Security->FineTuningSecuritySettings to add a specific rule for the /home/lambda directory to override the standard rule used by msec.


It works fine for me now and I think I understand why the permissions were cleared (by msec).

/Anders
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
default permissions for home directory gerghk Slackware 2 11-02-2006 01:01 AM
Home directory permissions bug Ammad Linux - General 1 03-02-2006 04:08 AM
directory permissions acting strange. mushmaster Linux - Software 1 02-12-2006 07:33 PM
Home directory permissions changing haphazardly... zupidupi Linux - Newbie 4 04-14-2005 01:31 PM
Users home directory. Permissions. jsbush Linux - Newbie 4 10-29-2003 08:13 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 05:50 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration