crp Posted September 30, 2021 Share Posted September 30, 2021 have a user with a home directory that doesn't exist. the user was able to login and then had access to all the subdirectories in /home Quote Link to comment Share on other sites More sharing options...
securitybreach Posted September 30, 2021 Share Posted September 30, 2021 What permissions did the user have? If you do not want this to happen, you have to set the permissions on your /home/ to 0750 using: sudo chmod 0750 /home/crp Explained further here: https://www.howtogeek.com/190084/how-to-prevent-other-users-from-accessing-your-home-directory-in-ubuntu-14.04/ 1 Quote Link to comment Share on other sites More sharing options...
crp Posted September 30, 2021 Author Share Posted September 30, 2021 8 minutes ago, securitybreach said: What permissions did the user have? If you do not want this to happen, you have to set the permissions on your /home/ to 0750 using: sudo chmod 0750 /home/crp Explained further here: https://www.howtogeek.com/190084/how-to-prevent-other-users-from-accessing-your-home-directory-in-ubuntu-14.04/ Why is the default of total access to /home considered safe? Quote Link to comment Share on other sites More sharing options...
securitybreach Posted September 30, 2021 Share Posted September 30, 2021 Well I do not why the distro decided to use 755 as it allows any one in the users group to look at other user's directories. Quote According to an Ubuntuforms.org staff member, it is to make it easier to share files between new users. https://askubuntu.com/questions/46501/why-can-other-users-see-the-files-in-my-home-folder Quote Link to comment Share on other sites More sharing options...
securitybreach Posted October 1, 2021 Share Posted October 1, 2021 I usually set mine to 700 even though I am the only user on the machine. Quote Link to comment Share on other sites More sharing options...
V.T. Eric Layton Posted October 1, 2021 Share Posted October 1, 2021 Same for me, Josh... 700 (owner r-w-x, group - - -, other - - - )... drwx------ 46 vtel57 users 4096 Oct 1 09:00 vtel57/ 1 Quote Link to comment Share on other sites More sharing options...
sunrat Posted October 1, 2021 Share Posted October 1, 2021 Interesting, never considered that before. Default in my Debian is drwxr-xr-x which is 751. I guess the x for others enables them to see other directories but not read what's in them without the r . Quote Link to comment Share on other sites More sharing options...
V.T. Eric Layton Posted October 1, 2021 Share Posted October 1, 2021 Of course, y'all already know this, but others may be interested... r = read w = write x = execute ___ 0 No Permission — 1 Execute –x 2 Write -w- 3 Execute + Write -wx 4 Read r– 5 Read + Execute r-x 6 Read +Write rw- 7 Read + Write +Execute rwx 1 1 1 Quote Link to comment Share on other sites More sharing options...
securitybreach Posted October 1, 2021 Share Posted October 1, 2021 Nice breakdown Eric 1 Quote Link to comment Share on other sites More sharing options...
V.T. Eric Layton Posted October 1, 2021 Share Posted October 1, 2021 Thanks. I still remember some of this stuff. 1 Quote Link to comment Share on other sites More sharing options...
securitybreach Posted October 1, 2021 Share Posted October 1, 2021 14 minutes ago, V.T. Eric Layton said: Thanks. I still remember some of this stuff. Lots of linux users nowadays do not even understand or use permissions. I am not referring to you crp but I just mean all the users who know little about linux beyond clicking on apps and such. I love how linux has grown but I still preferred the times when you had to be a computer geek to configure and use linux. 1 Quote Link to comment Share on other sites More sharing options...
V.T. Eric Layton Posted October 1, 2021 Share Posted October 1, 2021 Yes, they've all been Ubuntu-ised. 1 Quote Link to comment Share on other sites More sharing options...
Hedon James Posted October 2, 2021 Share Posted October 2, 2021 13 hours ago, V.T. Eric Layton said: Yes, they've all been Ubuntu-ised. I probably resemble that remark. LOL! While I no longer use Ubuntu, it has many fine features which make it an ideal (IMO) distro for new linux users. You shouldn't HAVE TO be a mechanic in order to drive a car. While I'm certain those mechanic skills will come in handy at some point, most people just want to DRIVE the car. And let's be honest......the overwhelming majority of computer users are Windows users. It's a hard sell to get most of those users to even try something new, no matter how much "better" it is. But then to tell 'em they've got to develop some "mechanic skills" in order to switch, is it any wonder almost everyone says "nah....I just wanna DRIVE the car" and stays with Windows? 1 Quote Link to comment Share on other sites More sharing options...
raymac46 Posted October 2, 2021 Share Posted October 2, 2021 Aside from the insane idea of setting permissions to 777, I don't see them as a big deal on a system that has one user aside from root and no likelihood of ever having any more. Maybe I'm missing something just going with the defaults here. Or not. 1 2 Quote Link to comment Share on other sites More sharing options...
abarbarian Posted October 2, 2021 Share Posted October 2, 2021 I have a question. I have set my home for me only, Put brain in gear befor pressing enter14:34:26-->Sat Oct 02-->~ -->ls -ld /home/bloodaxe drwx------ 47 bloodaxe bloodaxe 4096 Oct 2 14:25 /home/bloodaxe However I do and get Put brain in gear befor pressing enter14:28:41-->Sat Oct 02-->~ -->ls -al total 376 drwx------ 47 bloodaxe bloodaxe 4096 Oct 2 14:25 . drwxr-xr-x 4 root root 4096 Jan 14 2021 .. drwxr-xr-x 18 bloodaxe bloodaxe 4096 Sep 22 12:12 ABCMinors -rw-r--r-- 1 bloodaxe bloodaxe 12 Feb 3 2021 .alsoftrc drwxr-x--- 2 bloodaxe bloodaxe 4096 Aug 10 14:49 .android drwxr-xr-x 3 bloodaxe bloodaxe 4096 Apr 16 13:46 BACKUPS -rw------- 1 bloodaxe bloodaxe 11048 Oct 2 10:51 .bash_history -rw-r--r-- 1 bloodaxe bloodaxe 21 Dec 20 2020 .bash_logout -rw-r--r-- 1 bloodaxe bloodaxe 57 Dec 20 2020 .bash_profile -rw-r--r-- 1 bloodaxe bloodaxe 2152 Aug 26 09:48 .bashrc According to the above ABCMinors has execute permissions for anyone. Yet I get this from a gui Can anyone explain what is going on as I am a tad confused. Quote Link to comment Share on other sites More sharing options...
sunrat Posted October 2, 2021 Share Posted October 2, 2021 11 minutes ago, abarbarian said: Can anyone explain what is going on as I am a tad confused. Your computer is trolling you. 2 Quote Link to comment Share on other sites More sharing options...
V.T. Eric Layton Posted October 2, 2021 Share Posted October 2, 2021 2 hours ago, Hedon James said: You shouldn't HAVE TO be a mechanic in order to drive a car. Relax, HJ... I actually agree with you. I've converted many family and friends to GNU/Linux over the last decade or so. I couldn't have done that with Slackware or Arch. Ubuntu (Mint, also) made that possible. 1 hour ago, raymac46 said: I don't see them as a big deal on a system that has one user... Sure, it's probably not necessary. Maybe Josh and I are just a bit paranoid. 21 minutes ago, abarbarian said: Can anyone explain what is going on as I am a tad confused. The simple answer is that your permissions are NOT set for "just you". However, it's easily fixed in one quick step: #chmod -R 700 /home/bloodaxe Actually, that might not be such a good idea. Some applications and modes of operation need access to the data in your /home directory. You should ONLY "chmod -R 700" on your personal directories within the /home directory. Do NOT limit access to config files, themes, icons, etc. That will trash your system, I believe. I'm glad I caught this before you did anything. I blame it on not enough coffee this AM. Have fun! . 1 1 Quote Link to comment Share on other sites More sharing options...
V.T. Eric Layton Posted October 2, 2021 Share Posted October 2, 2021 By the way, @abarbarian... your GUI permissions are the same as your command line permissions. It's just that the GUI is using different terms... - view content = Read (r) - change content = Write (w) - access content = Execute (x) Your terminal view shows: drwxr-xr-x 18 bloodaxe bloodaxe 4096 Sep 22 12:12 ABCMinors Your GUI shows: View - Anyone Change - Only Owner Access - Anyone This is correct! In the ls -a display, you see "drwxr-xr-x": - d = directory - first triad (rwx) = owner -> owner (you) can read, write, and execute this file - second triad (r-x) = group -> group can read and execute - third triad (r-x) = users -> any users can read and execute In other words, the permissions for this particular file are 755. Clear as mud, eh? 1 1 Quote Link to comment Share on other sites More sharing options...
V.T. Eric Layton Posted October 2, 2021 Share Posted October 2, 2021 A quick little permissions tutorial written by a fellow Slacker and pal o' mine, Mathew Fillpot about a decade ago... https://www.linux.com/training-tutorials/understanding-linux-file-permissions/ 1 Quote Link to comment Share on other sites More sharing options...
Hedon James Posted October 2, 2021 Share Posted October 2, 2021 3 hours ago, V.T. Eric Layton said: Relax, HJ... I actually agree with you. I've converted many family and friends to GNU/Linux over the last decade or so. I couldn't have done that with Slackware or Arch. Ubuntu (Mint, also) made that possible. Sure, it's probably not necessary. Maybe Josh and I are just a bit paranoid. It's all good Eric. Just an observation about the catch-22 situation(s) we encounter when introducing new users to Linux. I've got nothing scientific to back it up, but my own personal observations are that about 98% of Windows users, and 100% of OSX users just want to "drive the car". Empirically, this explains the approximate 2% market share of Linux as an OS. So about 2% of us (including everyone on this forum) are mechanically inclined, and drive "hot rod" Operating Systems! 1 Quote Link to comment Share on other sites More sharing options...
securitybreach Posted October 2, 2021 Share Posted October 2, 2021 I just put them on LinuxMint and I usually do not hear anything else about it as it just works. 1 1 Quote Link to comment Share on other sites More sharing options...
raymac46 Posted October 3, 2021 Share Posted October 3, 2021 Honestly, I have to put myself more in the driver category than the tinkerer one. I did a lot of tinkering in my early days because things like WPA wifi could not be implemented without resorting to CLI and special configuration files. That is all behind us now. Even my use of a real tinkerer's distro like Arch is more for its lightweight characteristics, rolling release, and stability. Linux Mint made it possible to keep two nine-year-old Sandy Bridge machines working for my son-in-law's family and they have used them for months to do the kids' remote learning without incident. Permissions have always been a minefield for me. I can't remember how many times I copied picture files from a CD onto a system, only to find that I had no ownership or control afterwards. Permissions were essential if you were the admin of a megauser UNIX operation back in the day. But I think sometimes they are overkill for a simple Linux system. YMMV of course. 1 Quote Link to comment Share on other sites More sharing options...
V.T. Eric Layton Posted October 3, 2021 Share Posted October 3, 2021 I only tinker (get under the hood) when necessary these days. I just want the thing to come on and WORK when I press that ON/OFF button. 1 1 Quote Link to comment Share on other sites More sharing options...
securitybreach Posted October 3, 2021 Share Posted October 3, 2021 I still tinker sometimes... Quote Link to comment Share on other sites More sharing options...
raymac46 Posted October 4, 2021 Share Posted October 4, 2021 (edited) I did a bit of tinkering recently to get my Debian bookworm install back to the way I like it. I wouldn't say this is something I enjoyed though. I am not totally averse to tinkering or I would just install Linux Mint on everything. You have to be willing to fix/configure stuff to explore distros like Arch or Debian testing. Goes with the territory. Edited October 4, 2021 by raymac46 2 Quote Link to comment Share on other sites More sharing options...
Hedon James Posted October 4, 2021 Share Posted October 4, 2021 Tinker is a good description. I'm a tinkerer who likes to get things custom fit for my personal preferences. But once I get it to that place, I just want to maintain it without much hassle...I just wanna drive it! 1 1 Quote Link to comment Share on other sites More sharing options...
V.T. Eric Layton Posted October 4, 2021 Share Posted October 4, 2021 Part of the reason I don't tinker much is that I only have one working system these days. The days of having 5 or 6 laptops and towers around here are gone. I still have my workshop system, but it has a dead PSU. Since it's not a critical machine, I haven't bothered to repair it, even though Bob (Amenditman) mentioned that he probably had a good PSU he could give me. I have NO laptops at all nowadays. Of course, with Slackware (as with Arch), under-the-hood work is sometimes required. Not a problem. After 15+ years of running Slackware as my primary OS, I can usually fudge my way around under that hood relatively proficiently. When it's something above my pay grade, though, I find much assistance with Slackware at Jeremy's Linux Questions forum. :) I have a strong feeling that when this current Main System smokes, I'll probably be saying bye-bye to computers and Internetting altogether. I've cut back on it quite a lot over the last few years. I'm pretty sure I could live without it. My only regrets would be missing my online friends and YouTube music. :) Quote Link to comment Share on other sites More sharing options...
raymac46 Posted October 4, 2021 Share Posted October 4, 2021 I've had personal computers since 1982, so no chance I say goodbye to them in my lifetime. Maybe I won't have the insane collection I have now, bit I'll have at least ONE. And it won't be a Smartphone. My wife's mother is 91, doesn't speak English much anymore, and no she isn't computer literate. We live 2 hours away. Without online access we could not book lab appointments for her, complete the Canadian census, pay her cable TV bill, get her vaccinated against COVID or send money to my brother-in-law for emergency house repairs. And that is just one little old lady. She likes looking at her childhood town in Italy on Google Earth too. I just spent two hours changing my online accounts to a new credit card, so it isn't all rainbows and unicorns. Shoulda stuck with PayPal. 1 1 Quote Link to comment Share on other sites More sharing options...
V.T. Eric Layton Posted October 4, 2021 Share Posted October 4, 2021 For some, the Internet/computers are a necessity. That's OK. For me, though, they're not. I can still write a check to pay bills. All I need is $$$. Quote Link to comment Share on other sites More sharing options...
abarbarian Posted October 5, 2021 Share Posted October 5, 2021 On 10/2/2021 at 4:28 PM, V.T. Eric Layton said: A quick little permissions tutorial written by a fellow Slacker and pal o' mine, Mathew Fillpot about a decade ago... https://www.linux.com/training-tutorials/understanding-linux-file-permissions/ Neat article and guide. I was confused over the " x " meaning and his explanation helped. Quote execute – The Execute permission affects a user’s capability to execute a file or view the contents of a directory. 1 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.