From owner-freebsd-security Tue Aug 29 9:11: 2 2000
Delivered-To: freebsd-security@freebsd.org
Received: from fledge.watson.org (fledge.watson.org [204.156.12.50]) by hub.freebsd.org (Postfix) with ESMTP id C539237B42C for ; Tue, 29 Aug 2000 09:10:58 -0700 (PDT)
Received: from fledge.watson.org (robert@fledge.pr.watson.org [192.0.2.3]) by fledge.watson.org (8.9.3/8.9.3) with SMTP id MAA98882; Tue, 29 Aug 2000 12:10:56 -0400 (EDT) (envelope-from robert@fledge.watson.org)
Date: Tue, 29 Aug 2000 12:10:56 -0400 (EDT)
From: Robert Watson
X-Sender: robert@fledge.watson.org
To: specter
Cc: freebsd-security@freebsd.org
Subject: Re: adduser perm problem
In-Reply-To: <00082906200900.00680@reddog.yi.org>
Message-ID:
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Tue, 29 Aug 2000, specter wrote:

> Perhaps I am missing something, but under 4.0 and 4.1-Release,
> when adding a user via adduser, I see the perms on the created
> home directory as "drwxr-xr-x", allowing any one to cd in and
> view files.
>
> Is this normal behavior, or have I oopsed something on my
> system?

This is normal system behavior on FreeBSD and most UNIX-like operating systems. However, you can certainly imagine environments where you'd prefer an alternate home directory permission set, and it might be worth modifying adduser to support a command line argument (or configuration directive in adduser.conf) specifying a different permission set.

I tend to create user home directories with the default open permissions, but also create public_html/ and private/ subdirectories, indicating that private material should be stored under the private directory. This seems to work fairly well in practice.

Robert N M Watson
robert@fledge.watson.org
http://www.watson.org/~robert/
PGP key fingerprint: AF B5 5F FF A6 4A 79 37 ED 5F 55 E9 58 04 6A B1
TIS Labs at Network Associates, Safeport Network Services
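
The layout described in the message above (an open home directory with public_html/ and private/ inside it), as an added example that is not part of the original post and is not adduser's own code: `setup_home` creates the layout and `audit_home` checks it by reading the `ls -ld` mode string. The function names and the choice of mode 700 for private/ are assumptions.

```shell
#!/bin/sh
# Added example. Function names and mode 700 for private/ are assumptions.

# mode_of PATH: print the 10-character mode string (e.g. drwxr-xr-x).
mode_of() {
    ls -ld "$1" | cut -c1-10
}

# setup_home DIR: open home directory, open public_html/, owner-only private/.
# Modes are set explicitly so the result does not depend on the caller's umask.
setup_home() {
    mkdir -p "$1/public_html" "$1/private" || return 1
    chmod 755 "$1" "$1/public_html" || return 1
    chmod 700 "$1/private"
}

# audit_home DIR: print one finding per line, return 1 if there is any.
audit_home() {
    rc=0
    # A home directory that group or other can write to lets them plant files.
    case $(mode_of "$1") in
        d????w????|d???????w?) echo "$1: writable by group or other"; rc=1 ;;
    esac
    if [ ! -d "$1/private" ]; then
        echo "$1: no private/ subdirectory"; rc=1
    else
        m=$(mode_of "$1/private")
        case $m in
            d???------) ;;   # owner-only, as intended
            *) echo "$1/private: mode $m admits group or other"; rc=1 ;;
        esac
    fi
    return $rc
}

# exposed_files DIR: regular files directly in the open home directory that
# other users can read; candidates for moving into private/.
exposed_files() {
    find "$1" -maxdepth 1 -type f -perm -004 | sort
}

# Stand-alone use: audit every home directory given on the command line.
for h in "$@"; do
    audit_home "$h" || true
done
```

Run it with the home directories to check as arguments, for example `sh audit.sh /home/*`; dotfiles such as `.profile` will show up in `exposed_files` output when they are world-readable.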