From owner-freebsd-security@FreeBSD.ORG  Sat Oct 23 19:34:45 2004
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id C506616A4DF
	for <freebsd-security@freebsd.org>;
	Sat, 23 Oct 2004 19:34:45 +0000 (GMT)
Received: from beastie.hyow.eu.org (213-152-46-100.dsl.eclipse.net.uk
	[213.152.46.100])
	by mx1.FreeBSD.org (Postfix) with SMTP id 72E1143D31
	for <freebsd-security@freebsd.org>;
	Sat, 23 Oct 2004 19:34:44 +0000 (GMT)
	(envelope-from mark@hyow.eu.org)
Received: (qmail 90307 invoked by uid 751); 23 Oct 2004 19:37:48 -0000
Received: from mark@hyow.eu.org by beastie.hyow.eu.org by uid 731 with
	qmail-scanner-1.22-st-qms 
	(clamdscan: 0.75. spamassassin: 2.64.  Clear:RC:1(127.0.0.1):. 
	Processed in 0.909387 secs); 23 Oct 2004 19:37:47 -0000
X-Antivirus-HYOW.EU.ORG-Mail-From: mark@hyow.eu.org via beastie.hyow.eu.org
X-Antivirus-HYOW.EU.ORG: 1.22-st-qms (Clear:RC:1(127.0.0.1):. Processed in
	0.909387 secs Process 90302)
Received: from localhost.hyow.eu.org (HELO beastie.hyow.eu.org)
	(mark@hyow.eu.org@127.0.0.1)
	by beastie.hyow.eu.org with SMTP; 23 Oct 2004 19:37:46 -0000
Received: from 10.0.0.10
        (SquirrelMail authenticated user mark@hyow.eu.org);
        by beastie.hyow.eu.org with HTTP;
        Sat, 23 Oct 2004 20:37:46 +0100 (BST)
Message-ID: <52757.10.0.0.10.1098560266.squirrel@10.0.0.10>
In-Reply-To: <00ab01c4b870$a3024760$3501a8c0@pro.sk>
References: <1323.213.112.198.199.1098388008.squirrel@mail.hackunite.net>
    <008401c4b868$ffd64ac0$3501a8c0@pro.sk>
    <00ab01c4b870$a3024760$3501a8c0@pro.sk>
Date: Sat, 23 Oct 2004 20:37:46 +0100 (BST)
From: "Mark Magiera" <mark@hyow.eu.org>
To: freebsd-security@freebsd.org
User-Agent: SquirrelMail/1.4.3a
X-Mailer: SquirrelMail/1.4.3a
MIME-Version: 1.0
Content-Type: text/plain;charset=iso-8859-1
Content-Transfer-Encoding: 8bit
X-Priority: 1 (Highest)
Importance: High
Subject: Re: Default permissions of /home/user..
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Security issues [members-only posting]
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>,
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>,
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 23 Oct 2004 19:34:45 -0000

> Sorry for my mistake - you use FreeBSD 5. The adduser command was changed
> to
> sh script in it. I do not use 5, so sorry again.
>
> If your /usr/sbin/adduser has in the start of lines 278 to 280 word
> "_pwcmd", add something like this after line 280:
> _pwcmd="$_pwcmd && chmod 700 $_home"
>
> Command stored in $_pwcmd is executed on line 282. The user should be
> added
> and homedir should be created. The addition above should chmod its homedir
> to 700 (drwx------) automatically.
>
> !!! AGAIN, NOT TESTED !!!
>
> Peter Rosa

Just a quick correction, you'll want to chmod $uhome not $_home. Having
done that, you can consider your suggestion tested and working.

Mark Magiera