oss-sec mailing list archives
Re: Debian FEATURE: /home/loser is with permissions 755, default umask 0022
From: Jeffrey Walton <noloader () gmail com>
Date: Mon, 12 Oct 2020 16:51:11 -0400
On Mon, Oct 12, 2020 at 4:32 PM Kurt H Maier <khm () sciops net> wrote:
On Mon, Oct 12, 2020 at 09:41:39PM +0200, Solar Designer wrote:I also think the defaults should be changed, and not only on Debian.This is just kicking the can down the road. X years ago people complained about oppressive defaults. X years from now these defaults will also be insufficient. We could save a lot of treadmill labor dollars by just admitting that global filesystem namespaces are a mistake, but the sunk cost fallacy is preventing this. It's the same story as SETUID all over again.
Maybe it's time to take a more defensive posture and guide a user through the setup if they wish. Nowadays you've got those systemd-triggered first-time logon GUI wizards that could include a step to setup file sharing, like making /home/loser/www available to other users. The defensive posture should keep security conscious folks happy, and the setup wizard will keep promiscuous users happy. Jeff
Current thread:
- Debian FEATURE: /home/loser is with permissions 755, default umask 0022 Georgi Guninski (Oct 07)
- Re: Debian FEATURE: /home/loser is with permissions 755, default umask 0022 Jeremy Stanley (Oct 07)
- Re: Debian FEATURE: /home/loser is with permissions 755, default umask 0022 Noel Kuntze (Oct 07)
- Re: Debian FEATURE: /home/loser is with permissions 755, default umask 0022 Brian May (Oct 07)
- Re: Debian FEATURE: /home/loser is with permissions 755, default umask 0022 Solar Designer (Oct 12)
- Re: Debian FEATURE: /home/loser is with permissions 755, default umask 0022 Kurt H Maier (Oct 12)
- Re: Debian FEATURE: /home/loser is with permissions 755, default umask 0022 Jeffrey Walton (Oct 12)
- Re: Debian FEATURE: /home/loser is with permissions 755, default umask 0022 Brian May (Oct 12)
- Re: Debian FEATURE: /home/loser is with permissions 755, default umask 0022 Russ Allbery (Oct 12)
- Re: Debian FEATURE: /home/loser is with permissions 755, default umask 0022 Jeremy Stanley (Oct 07)
- Re: Debian FEATURE: /home/loser is with permissions 755, default umask 0022 Eli Schwartz (Oct 13)
- Re: Debian FEATURE: /home/loser is with permissions 755, default umask 0022 Seth Arnold (Oct 07)
- Re: Debian FEATURE: /home/loser is with permissions 755, default umask 0022 Bob Friesenhahn (Oct 08)
- Re: Debian FEATURE: /home/loser is with permissions 755, default umask 0022 Seth Arnold (Oct 08)