On Tue, 20 Jun 2017 14:25:09 +0800 Ed Greshko <ed.greshko@xxxxxxxxx> wrote: > Also, please note that by default when a new user is created in > Fedora they also get a corresponding group unless you override. > Along with that the home directory is created with drwx------. > permissions. So, even if the permissions on the file allow group > access and even if the other user is part of the group they can't > access the files within your home directory and sub-directories. > > [egreshko@f26-b14 ~]$ pwd > /home/egreshko > > [egreshko@f26-b14 ~]$ ll text > -rw-rw----. 1 egreshko egreshko 6 Jun 20 14:09 text > [egreshko@f26-b14 ~]$ cat text > hello > [egreshko@f26-b14 ~]$ whoami > egreshko > > [egreshko@f26-b14 ~]$ grep ^egreshko /etc/group > egreshko:x:1000:silly > > [silly@f26-b14 ~]$ whoami > silly > > [silly@f26-b14 ~]$ cat /home/egreshko/text > cat: /home/egreshko/text: Permission denied > > [silly@f26-b14 ~]$ ll /home/egreshko > ls: cannot open directory '/home/egreshko': Permission denied > > So, no matter what you have your umask set to when talking about > files under your home directory you need to do some explicit changes > to directory and file permissions before others with access to your > system can even see what files are there. Well, thanks for that. It really puts the umask issue in perspective, and addresses my concerns that there was a vulnerability, when there actually isn't. _______________________________________________ users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
