Why can 'Others' read files by default in Ubuntu?
I am trying to figure out why when creating new files and directories in, let's say, the Documents folder, they get assigned, by default, the following permissions:
-rw-rw-r-- 1 hello world 0 Nov 19 12:17 'New Empty File'
drwxrwxr-x 2 hello world 4.0K Nov 19 12:16 'New Folder'/
Shouldn't 'Others' have no access to my files? From what I've read, Ubuntu is by default pretty secure. However, nowhere could I find a rationalization for this behavior. Would appreciate an answer :)
linux ubuntu
asked Nov 19 '18 at 11:21
wombat trash
2 Answers
The permissions model of Linux means that, even if you are the only user of your computer, you're not the only user on the system. Many services will create their own user account to run under - for example, Apache will usually run under its own dedicated account.
What you will also notice is that your home folder is usually only accessible to your own account - i.e. permissions 700 or drwx------. That means that only you can get at your home folder, even if subfolders within that folder have full access.
This combination provides a useful balance. The default permissions allow service accounts to read any files on the system that they might need to, but they can't change anything. Any files which are personal to you should be in your home folder, so a rogue service won't be able to access them.
You might find the Filesystem Hierarchy Standard a useful read. This outlines the generally expected permissions and functions for Unix/Linux systems, and most distributions will abide by this.
edited Nov 19 '18 at 19:49
wombat trash
answered Nov 19 '18 at 11:47
timbstoke
2
For me, on Xubuntu 18.04, /home/<home folder> has drwxr-xr-x permissions. Can't then an attacker try to make a user in my group to subvert this rationale?
– wombat trash
Nov 19 '18 at 12:58
11
If an attacker has a way to create a user "in your group" you have already lost, cause if he can do that, he can just as easily make one in the "root" group / with root rights.
– Florian Bach
Nov 19 '18 at 13:23
2
It might be worth adding a little about umask and how the default permissions for new files can be changed, and the caveats of doing that
– Dezza
Nov 19 '18 at 13:37
1
@FlorianBach drwxr-xr-x permissions mean any other users on the system can read the files, not just users in your group. This includes other people with non-admin access user accounts on the system.
– Macil
Nov 19 '18 at 23:47
As @Macil points out, your home directory is mode 755, NOT 700, on Ubuntu. Anybody who wants to can list and traverse it. While certain subdirectories ("Documents", perhaps) might be 700, files and directories created in ~ are world-readable by default. Since quite a few programs make the same error that you made of assuming the home directory is private, they don't change the mode on their own files and end up emitting potentially-sensitive world-readable data. Ubuntu sucks.
– CBHacking
Nov 20 '18 at 0:54
When you create new files and directories, the initial permissions are controlled by your umask setting. The application creating the item specifies the maximum permissions (typically rwxrwxrwx for directories and executable files, rw-rw-rw- for data files), and then the permissions in umask are subtracted from this.
So if you want more restrictive permissions, you should set your umask to remove the permissions you don't want to grant. The permissions you show come from having umask 002, so it just disables other=write. If you want to disable other=read/execute as well, you should use:
umask 007
Traditionally, the default umask 002 comes from the assumption that all the users on a particular system would be a cooperating community (e.g. programmers in the same department of an organization), so there's little reason to prevent other users from reading your files in general. If you have specific files that are more private, you'd give them more restrictive permissions. If the above assumption is inappropriate for the users of your system, you should use a different default umask in the shell startup scripts.
answered Nov 19 '18 at 17:48
Barmar
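The masking described in the answer above, as an added example that is not part of the original answers. It assumes Linux with GNU stat and find; the function names and sample files are constructed here. It shows that the mask bits are cleared bitwise rather than subtracted arithmetically, how a subshell keeps a stricter umask from leaking into the caller, and how to count what stays readable by others in a tree.

```shell
#!/bin/sh
# Added example, not code from the thread. Assumes Linux with GNU stat/find.

# Mode assigned at creation: requested AND NOT umask (bitwise).
# Arguments are octal strings, e.g. 666 and 002. With requested 666 and
# umask 027 the result is 640; arithmetic subtraction would wrongly give 637.
effective_mode() {
    printf '%03o\n' $(( 0$1 & ~0$2 & 0777 ))
}

# Create a real file or directory under the given umask and report its mode.
# The subshell keeps the umask change from affecting the calling shell.
created_mode() {
    (
        umask "$1"
        tmp=$(mktemp -d) || exit 1
        if [ "$2" = dir ]; then
            mkdir "$tmp/item"          # mkdir requests rwxrwxrwx (777)
        else
            : > "$tmp/item"            # the shell requests rw-rw-rw- (666)
        fi
        stat -c '%a' "$tmp/item"
        rm -rf "$tmp"
    )
}

# Count entries below DIR that "others" can read (permission bit 004 set).
# This is the exposure the comments describe when the home directory is 755.
count_world_readable() {
    find "$1" -mindepth 1 -perm -004 -print | wc -l | tr -d ' '
}

# Constructed demo tree: one file made under umask 002, one under umask 077.
demo_exposure() {
    d=$(mktemp -d) || return 1
    ( umask 002; : > "$d/notes.txt" )     # 664: readable by others
    ( umask 077; : > "$d/secret.key" )    # 600: owner only
    count_world_readable "$d"
    rm -rf "$d"
}

# Print the resulting modes for the umask values discussed in the thread
# plus two common stricter or looser settings.
for m in 002 022 007 077; do
    printf 'umask %s -> file %s, dir %s\n' \
        "$m" "$(created_mode "$m" file)" "$(created_mode "$m" dir)"
done
printf 'world-readable entries in demo tree: %s\n' "$(demo_exposure)"
```

A changed umask applies only to files created afterwards; existing files keep their modes until chmod is run on them.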