Bugzilla – Bug 106004
Insecure permissions in homedirs
Last modified: 2005-08-29 17:11:53 UTC
In addition to a user's home directory being chmod 755, his ~/Documents directory is chmod 755 as well. This, combined with a umask of 022, means that a user's documents can, by default, be read by all other users. Even if a user creates a new directory for his data, it too will have permissions 755 because of his umask. I suggest that at least ~/Documents should have mode 700, so that we are not insecure by default. Similarly, I see no reason ~/ooo-2.0-pre should be 755. This one should be 700 as well. Also, ~/.recently-used should have mode 600. Maybe YaST2 should offer an easy possibility to change the default umasks and homedir permissions since these are highly security relevant. Btw, my personal setup is "chmod -R go-rwx ~; umask 077".
Since Desktop is 700 it makes sense to have Documents 700 as well => aaa_skel -> ro. I suppose ooo-2.0-pre is the equivalent of Documents inside OOo => OpenOffice_org -> pmladek. I don't know where .recently-used comes from but mine is 600 already. Wrt to umask setting, we have already filed a feature request for yast. The default 022 is just fine for the majority of installations though.
On my system, .recently-used magically switched to mode 600 as well. I deleted it, started OpenOffice and saved an empty document -> the file existed again and had access mode 644. Wherever it comes from, OO has something to do with it.
I think that it is a good idea to create ~/.ooo-2.0-pre with 700 access rights. I could change it this way. Michael, do you see any problems with it? OOo uses the .recently-used directory but I think that it is used by more applications. Michael, you worked on this feature for OOo. Do you know anything about it?
Well, not -much- document-wise is stored in ~/.ooo-2.0-pre, although AFAIR the auto-save functionality may be doing that now. So yes, we prolly do need to clobber that. However, arguably this is a umask problem: why are we allowing just anyone to read all the data in our account? Surely that's madness; I just discovered all my files are unprotected ... [ is this a decision from the same security team that thinks encouraging every desktop user to completely disable the firewall (due to it blocking *outgoing* broadcast packets - killing N/W browse) increases security? ;-].
skel/Documents to 700 : done.
I have added a hack into the ooo-wrapper, so it creates ~/ooo-2.0-pre with permissions 700. I tried to hack it in the OOo code but it was not easy. Yes, there was code that checked this directory and created it. But in fact, the directory was created somewhat sooner, when other code tries to write ~/.ooo-2.0-pre/user/registry/cache. So I rather created the directory with secure permissions already in the wrapper. Also, I have added a hack for the file ~/.recently-used into the wrapper. If the file does not exist, the wrapper touches it with permissions 600. It seems to work well. The fix should be available on 10.0-beta4. This was the latest problem in this bug, so I'll close it as FIXED.
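Added example, not part of the bug report and not the actual ooo-wrapper code: a POSIX shell sketch of the two wrapper steps described in the last comment (private directory, private file only if missing), plus a check that lists what is still group- or world-readable under the default umask 022. The function names are hypothetical and the home directory is a constructed temporary one.

```shell
#!/bin/sh
# Added example; function names are hypothetical, not taken from ooo-wrapper.

# Create DIR with mode 700 whatever the caller's umask is. An existing
# directory keeps its contents and has its mode tightened.
ensure_private_dir() {
    dir=$1
    if [ ! -d "$dir" ]; then
        # umask 077 is confined to the subshell, so the directory never
        # exists with mode 755, not even briefly.
        (umask 077 && mkdir -p "$dir") || return 1
    fi
    chmod 700 "$dir"
}

# Create FILE empty with mode 600, but only when it does not exist yet
# (the behaviour described for ~/.recently-used). An existing file is left alone.
ensure_private_file() {
    file=$1
    [ -e "$file" ] && return 0
    (umask 077 && : >> "$file")
}

# Print everything at or below the given directory that group or others can read.
audit_home() {
    find "$1" ! -type l \( -perm -040 -o -perm -004 \) -print | sort
}

# Constructed throwaway home directory, using the default umask from the report.
demo() (
    umask 022
    home=$(mktemp -d) || exit 1
    mkdir "$home/Documents"                     # 755 under umask 022
    : > "$home/.recently-used"                  # 644, created before the wrapper ran
    ensure_private_dir "$home/.ooo-2.0-pre"     # 700
    ensure_private_file "$home/.recently-used"  # already exists: stays 644
    audit_home "$home"                          # lists Documents and .recently-used
    rm -rf "$home"
)

demo
```

A file that already exists with mode 644 is not tightened by the create-if-missing step, so the audit still reports it.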