Ubuntu User Security (or lack of)

8 03 2009

The other day was the first time I actually set up a user account for someone other than myself on my Ubuntu laptop. Something rather odd that I noticed, by default, the new /home/user directory has the file permissions set so anyone can read or execute the files. If I’m not mistaken, last time I made a user on Slackware or Gentoo it was set so only the owner could access and read the files located in his /home director… This discovery was followed by a “chmod -R go-rwx /home/user” on all my accounts, something that’s a good thing to do every now and then anyway if you’re security paranoid and in a multiuser enviornment. In the future, to make users created with adduser have more secure permissions,  run “sudo dpkg-reconfigure adduser”.

adduserAnd select no on the prompt asking if you want systm-wide readable home directories.