Date: Tue, 29 Aug 2000 11:26:05 -0500 From: Brad Guillory <round@baileylink.net> To: freebsd-security@freebsd.org Subject: Re: adduser perm problem Message-ID: <20000829112605.A975@baileylink.net> In-Reply-To: <Pine.NEB.3.96L.1000829120858.98730B-100000@fledge.watson.org>; from rwatson@freebsd.org on Tue, Aug 29, 2000 at 12:10:56PM -0400 References: <00082906200900.00680@reddog.yi.org> <Pine.NEB.3.96L.1000829120858.98730B-100000@fledge.watson.org>
next in thread | previous in thread | raw e-mail | index | archive | help
As best I can tell all you have to do is chmod the /etc/skel directory.
When the directory is copied add user will then do this:
system("chmod -R u+wrX,go-w $homedir");
system("chown -R $name:$group $homedir");
so the default for /etc/skel is rwxr-xr-x
if you changed it to rwx------ or rwxr--r-- you will probably get what you
want. The chmod mentioned above will not change the mode at all.
I hope that this helps.
BMG
On Tue, Aug 29, 2000 at 12:10:56PM -0400, Robert Watson wrote:
>
> On Tue, 29 Aug 2000, specter wrote:
>
> > Perhaps I am missing something, but under 4.0 and 4.1-Release,
> > when adding a user via adduser, I see the perms on the created
> > home directory as "drwxr-xr-x", allowing any one to cd in and
> > view files.
> >
> > Is this normal behavior, or have I oopsed something on my
> > system?
>
> This is normal system behavior on FreeBSD and most UNIX-like operating
> systems. However, you can certainly imagine environments where you'd
> prefer an alternate home directory permission set, and it might be worth
> modifying adduser to support a command line argument (or configuration
> directive in adduser.conf) specifying a different permission set.
>
> I tend to create user home directories with the default open permissions,
> but also create public_html/ and private/ subdirectories, indicating that
> private material should be stored under the private directory. This seems
> to work fairly well in practice.
>
> Robert N M Watson
>
> robert@fledge.watson.org http://www.watson.org/~robert/
> PGP key fingerprint: AF B5 5F FF A6 4A 79 37 ED 5F 55 E9 58 04 6A B1
> TIS Labs at Network Associates, Safeport Network Services
>
>
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message
--
__O | Information wants to be free! | __O Bike
_-\<,_ | FreeBSD:The Power to Serve (easily) | _-\<,_ to
(_)/ (_) | OpenBSD:The Power to Serve (securely) | (_)/ (_) Work
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000829112605.A975>