[PATCH] adduser: Make home directory not world readable
tito
farmatito at tiscali.it
Tue Jan 17 13:24:13 UTC 2023
On Tue, 17 Jan 2023 14:10:48 +0100
Valentin <vakevk at gmail.com> wrote:
> adduser sets the mode of the newly created home directory to
> u+rwx g+rx o+rx (755). This allows every user on the system to read the
> directory.
>
> This commit changes the mode to not give other users any permissions
> (750).
>
> This is a better default. Home directories are likely to contain
> sensitive information, which you expect to not be world readable. If
> you really want your home directory to be world readable you can
> manually chmod it afterwards.
>
> On the other hand, if the default is world readable, then inaction
> exposes sensitive information. This can happen by accident when you are
> not aware what mode adduser sets.
>
> I could not find any reasoning for the current behavior. 755 has been
> used since the commit that created adduser.c in 2002. Neither the commit
> nor the file today contain an explanation.
> ---
> loginutils/adduser.c | 6 +++---
> 1 file changed, 3 insertions(+), 3 deletions(-)
>
> diff --git a/loginutils/adduser.c b/loginutils/adduser.c
> index d3c795afa..218fe1371 100644
> --- a/loginutils/adduser.c
> +++ b/loginutils/adduser.c
> @@ -278,9 +278,9 @@ int adduser_main(int argc UNUSED_PARAM, char **argv)
> umask(0);
> if (!(opts & OPT_DONT_MAKE_HOME)) {
> /* set the owner and group so it is owned by the new user,
> - * then fix up the permissions to 2755. Can't do it before
> + * then fix up the permissions to 2750. Can't do it before
> * since chown will clear the setgid bit */
> - int mkdir_err = mkdir(pw.pw_dir, 0755);
> + int mkdir_err = mkdir(pw.pw_dir, 0750);
> if (mkdir_err == 0) {
> /* New home. Copy /etc/skel to it */
> const char *args[] = {
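Review bot: The new mode is hard-coded in two places, as 0750 in the mkdir() call here and as 02750 in the chmod() of the next hunk, so the two can drift apart on a later edit. Consider a single named constant for the base mode, with the setgid bit OR-ed in at the chmod(), and extend the comment beyond the bare number to say that the mode grants others no access.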
> @@ -299,7 +299,7 @@ int adduser_main(int argc UNUSED_PARAM, char **argv)
> }
> if ((mkdir_err != 0 && errno != EEXIST)
> || chown(pw.pw_dir, pw.pw_uid, pw.pw_gid) != 0
> - || chmod(pw.pw_dir, 02755) != 0 /* set setgid bit on homedir */
> + || chmod(pw.pw_dir, 02750) != 0 /* set setgid bit on homedir */
> ) {
> bb_simple_perror_msg(pw.pw_dir);
> }
Hi,
this is the default in Debian, as can be seen in /etc/adduser.conf:
# If DIR_MODE is set, directories will be created with the specified
# mode. Otherwise the default mode 0755 will be used.
DIR_MODE=0755
so BusyBox uses the default. This could be made a config option
with 755 as default or, if we want to be more on the security
side, 750.
Ciao,
Tito
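
An added example, not part of the original thread or of BusyBox: a POSIX shell check that reads a passwd-format file and reports home directories granting any permission to other users, which is what the 755 default discussed above produces. The function names other_perms and audit_homes are hypothetical.

```shell
#!/bin/sh
# Added example (not BusyBox code): report home directories that are
# accessible to "other" users, e.g. those created with mode 755.

# other_perms DIR -> prints the three "other" permission characters of DIR
other_perms() {
    # ls -ld prints the mode string first, e.g. "drwxr-sr-x"; characters
    # 8-10 are the "other" triplet. -d stops ls from listing the contents.
    mode=$(ls -ld -- "$1" 2>/dev/null | cut -c8-10)
    [ -n "$mode" ] || return 1
    printf '%s\n' "$mode"
}

# audit_homes PASSWD_FILE -> prints "user:home:other-perms" per exposed home
audit_homes() {
    while IFS=: read -r user _pw _uid _gid _gecos home _shell; do
        case "$user" in ''|'#'*) continue ;; esac   # skip blanks and comments
        [ -d "$home" ] || continue                  # no home directory on disk
        perms=$(other_perms "$home") || continue
        case "$perms" in
            ---|--T) ;;   # 750/2750 (or sticky bit only): nothing for others
            *) printf '%s:%s:%s\n' "$user" "$home" "$perms" ;;
        esac
    done < "$1"
}

# Stand-alone use: sh audit_homes.sh /etc/passwd
if [ "$#" -gt 0 ]; then
    audit_homes "$1"
fi
```

A directory reported here can be tightened by hand with chmod o-rwx, which is the manual counterpart of the change the patch proposes.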