slocate and security

arubin · 03-08-2009, 05:43 PM

I have just noticed something using slocate which seems like a security risk.

I have a user, katy on my system. slocate katy shows me all her files.

Quote:

alan@LavanKossot:~$ slocate katy
.......
/home/katy/Aleph Machane/To Do.doc
/home/katy/Aleph Machane/GENERAL SHIUR TIPS.doc
/home/katy/Aleph Machane/snapshot1.png
/home/katy/Aleph Machane/snapshot5.png
/home/katy/Aleph Machane/snapshot4.png
/home/katy/Aleph Machane/snapshot3.png
/home/katy/Aleph Machane/snapshot2.png
alan@LavanKossot:~$ cp /home/katy/Aleph\ Machane/To\ Do.doc ./
alan@LavanKossot:~$

I can then read the file To Do.doc

Now katy could have prevented this by making her folders and file read only but she would not think to do this. Similarly katy could see all my files.

TBC Cosmo · 03-08-2009, 05:55 PM

What is the result of ls -ld /home/katy

tux_dude · 03-08-2009, 06:02 PM

You can add /home/<user> to your PRUNEPATH in /etc/updatedb.conf.

Personally I set all users home directory to 700 and have a shared document directory with permission 770. This is only used to copy files between users and not for storing files.

arubin · 03-08-2009, 06:05 PM

Quote:

alan@LavanKossot:~$ ls -ld /home/katy
drwx--x--x 43 katy users 4096 2009-03-08 22:43 /home/katy/

but also note

Quote:

alan@LavanKossot:~$ cd /home/katy/
alan@LavanKossot:/home/katy$

Something odd going on here

arubin · 03-08-2009, 06:14 PM

Quote:

alan@LavanKossot:/home/katy$ ls
/bin/ls: cannot open directory .: Permission denied
alan@LavanKossot:/home/katy$ cd /home/katy/Aleph\ Machane
alan@LavanKossot:/home/katy/Aleph Machane$ ls
Aleph\ Folders.pdf Yomi.xls
Aleph\ template\ 2(2).dot camp\ t-shirt.bmp
Folder\ Covers\ individual....doc morals.odt
Folder\ Covers.doc shiur\ stuff.doc
GENERAL\ SHIUR\ TIPS.doc shiur\ stuff.odt
Hadrach\ tips\ -\ K's\ and\ T's.odt snapshot1.png
Hadracha\ tips\ -\ K's\ and\ T's.doc snapshot10.png

So I cannot see files in her home directory but I can go to and browse folders in sub-directories

TBC Cosmo · 03-08-2009, 06:18 PM

Knock the permissions on /home/katy down to mode 700. It's not a problen with slocate, rather too permissive mode on that directory.

tux_dude · 03-08-2009, 06:20 PM

Nothing wrong. With the permission you can go to the sub-directories (depending on their permissions) of /home/katy but you can not see what is in /home/katy (you need r to see the content of a directory). As root do chmod 700 /home/katy then trying viewing her files.

arubin · 03-08-2009, 06:22 PM

Quote:

root@LavanKossot:/home/alan# chmod 700 /home/katy/
root@LavanKossot:/home/alan# exit
exit
alan@LavanKossot:~$ cd /home/katy/Aleph\ Machane
-bash: cd: /home/katy/Aleph Machane: Permission denied

That seems to solve the problem.

But doesn't slackware default to drwx--x--x? Are the default slackware permissions to permissive?

tux_dude · 03-08-2009, 07:43 PM

I wouldn't call it too permissive. This gives you some access to the users directory, but you were unable to list the content of the directory. Look into file/directory permission (google) for more info on the subject. Also look into umask to explain the default file permissions for users.

Another option would be to add a list of default directories to /etc/skel with your required permissions. This will create a list of standard directory when you add a user.

arubin · 03-09-2009, 03:25 AM

Obviously I am able to make things more secure if I want to. However, I do not expect a user of the system to have this knowledge. Indeed I have now been running linux/slackware for 5 years and I have just discovered that in a default setup any user is able to browse the subdirectories of any other user. Why should the default be drwx--x--x rather than drwx------?

guanx · 03-09-2009, 07:11 AM

To my memory it was for some old mail program to work properly.

GazL · 03-09-2009, 08:24 AM

I agree, user home directories are way too sensitive to be left open like this by default. It's especially bad when you consider that the default umask is 0022. There'll be no end of common dotfiles and directories left readable in a users home directory.

Like Tux_dude, I chmod 700 all my users home directories for this very reason.

tux_dude · 03-09-2009, 11:08 AM

Quote:

Obviously I am able to make things more secure if I want to. However, I do not expect a user of the system to have this knowledge.

System security is not the responsibility of the user but the sys admin who should have this knowledge. You can always modify the default security to lock down the system.

Quote:

Why should the default be drwx--x--x rather than drwx------?

To my knowledge, this has been the default permission on user directory on Linux for quite a while. This allows external apps such as mail and web server to access the user home folder. This allows enough access to traverse the user home directory but not view its content (why ls /home/katy failed).

bgeddy · 03-09-2009, 12:34 PM

This is set from the /usr/sbin/adduser script as follows:

Code:

# Defaults
defhome=/home
defshell=/bin/bash
defchmod=711 # home dir permissions - may be preferable to use 701, however.
defgroup=users

If using the native /usr/sbin/useradd like so :

Code:

useradd -s/bin/bash -m  test4

then the home directory /home/test4 will be created with 0755 permissions.

arubin · 03-09-2009, 01:07 PM

I do not understand what the difference in effect between 701 and 711 would be.