The officially official Devuan Forum!

You are not logged in.

#1 2023-09-09 10:23:23

bai4Iej2need
Member
From: Ortenau
Registered: 2021-04-25
Posts: 109  

superseded by changes to adduser

Sorry, This contained false information.

Last edited by bai4Iej2need (2023-09-16 04:16:09)


The devil, you know, is better than the angel, you don't know. by a British Citizen, I don't know too good.
One generation abandons the enterprises of another like stranded vessels. By Henry David Thoreau, WALDEN, Economy. Line 236 (Gutenberg text Version)
broken by design :
https://bugs.debian.org/cgi-bin/bugrepo … bug=958390

Online

#2 2023-09-09 10:30:45

stopAI
Member
Registered: 2023-04-04
Posts: 173  

Re: superseded by changes to adduser

bai4Iej2need wrote:

This thread
I do two things on each new install:

  • 1. security

     chmod 700 /home/*/ 

The main problem I can think of is that that command will set the execute bit on all files, even those that aren’t executable.  So, if you have a file called foo, and someday you want to do cat foo or print foo and you accidentally type just foo, the shell will try to execute foo; i.e., interpret it as a shell script. 

This will probably just explode in your face harmlessly, but if foo contains anything that looks like a shell command, you could get harmful results.

A lesser issue is that if you have a file that you want to preserve, and last year you did a

chmod 444

to protect it from yourself,

the chmod 700

will restore your write bit, and make it easier for you to clobber the file accidentally.

The solution to both issues is to do

chmod go= -R ~

or

chmod go-rwx -R ~

which will turn off all bits for group and others, but leave your access alone.

Offline

Board footer