{"id":2186,"date":"2021-01-16T07:20:37","date_gmt":"2021-01-16T05:20:37","guid":{"rendered":"https:\/\/www.virtono.com\/community\/?p=2186"},"modified":"2021-01-16T07:20:39","modified_gmt":"2021-01-16T05:20:39","slug":"ubuntu-21-04-tightens-rights-for-the-home-directory","status":"publish","type":"post","link":"https:\/\/www.virtono.com\/community\/internet-and-technology-news\/ubuntu-21-04-tightens-rights-for-the-home-directory\/","title":{"rendered":"Ubuntu 21.04 tightens rights for the home directory"},"content":{"rendered":"\n<p>A\u00a0<a class=\"rank-math-link\" href=\"https:\/\/bugs.launchpad.net\/ubuntu\/+source\/adduser\/+bug\/48734\" target=\"_blank\" rel=\"noopener\">bug report from 2006<\/a>\u00a0leads with Ubuntu 21.04 \u00bbHirsute Hippo\u00ab to a change in the guidelines regarding the rights of the home directory.\u00a0So far, home directories have been given file rights 755 during installation.\u00a0This means that in addition to the user, the rest of the world can read and execute files.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large is-style-default\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" width=\"750\" height=\"428\" data-attachment-id=\"2189\" data-permalink=\"https:\/\/www.virtono.com\/community\/internet-and-technology-news\/ubuntu-21-04-tightens-rights-for-the-home-directory\/attachment\/ubuntu2104\/\" data-orig-file=\"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2021\/01\/ubuntu2104.jpg?fit=1400%2C800&amp;ssl=1\" data-orig-size=\"1400,800\" data-comments-opened=\"1\" data-image-meta=\"{&quot;aperture&quot;:&quot;0&quot;,&quot;credit&quot;:&quot;&quot;,&quot;camera&quot;:&quot;&quot;,&quot;caption&quot;:&quot;&quot;,&quot;created_timestamp&quot;:&quot;0&quot;,&quot;copyright&quot;:&quot;&quot;,&quot;focal_length&quot;:&quot;0&quot;,&quot;iso&quot;:&quot;0&quot;,&quot;shutter_speed&quot;:&quot;0&quot;,&quot;title&quot;:&quot;&quot;,&quot;orientation&quot;:&quot;0&quot;}\" data-image-title=\"ubuntu2104\" data-image-description=\"\" data-image-caption=\"\" data-large-file=\"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2021\/01\/ubuntu2104.jpg?fit=750%2C428&amp;ssl=1\" src=\"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2021\/01\/ubuntu2104.jpg?resize=750%2C428&#038;ssl=1\" alt=\"\" class=\"wp-image-2189\" srcset=\"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2021\/01\/ubuntu2104.jpg?resize=1024%2C585&amp;ssl=1 1024w, https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2021\/01\/ubuntu2104.jpg?resize=300%2C171&amp;ssl=1 300w, https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2021\/01\/ubuntu2104.jpg?resize=768%2C439&amp;ssl=1 768w, https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2021\/01\/ubuntu2104.jpg?w=1400&amp;ssl=1 1400w\" sizes=\"auto, (max-width: 750px) 100vw, 750px\" \/><\/figure>\n\n\n\n<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_73 counter-hierarchy ez-toc-counter ez-toc-light-blue ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<span class=\"ez-toc-title-toggle\"><a href=\"#\" class=\"ez-toc-pull-right ez-toc-btn ez-toc-btn-xs ez-toc-btn-default ez-toc-toggle\" aria-label=\"Toggle Table of Content\"><span class=\"ez-toc-js-icon-con\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #999;color:#999\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #999;color:#999\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/span><\/a><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/www.virtono.com\/community\/internet-and-technology-news\/ubuntu-21-04-tightens-rights-for-the-home-directory\/#Absurd_reason\" title=\"Absurd reason\">Absurd reason<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/www.virtono.com\/community\/internet-and-technology-news\/ubuntu-21-04-tightens-rights-for-the-home-directory\/#Design_over_safety\" title=\"Design over safety\">Design over safety<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/www.virtono.com\/community\/internet-and-technology-news\/ubuntu-21-04-tightens-rights-for-the-home-directory\/#Better_late_than_never\" title=\"Better late than never\">Better late than never<\/a><\/li><\/ul><\/nav><\/div>\n<h2 class=\"wp-block-heading\" id=\"h-absurde-begr-ndung\"><span class=\"ez-toc-section\" id=\"Absurd_reason\"><\/span>Absurd reason<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>The slightly absurd reason for this at the time was that most multi-user systems had a &#8220;certain level of cooperation, if not trust&#8221;.&nbsp;These systems would often be used in family and work settings and should not be overly restrictive in this regard.&nbsp;In the discussion of the bug on Launchpad, Colin Watson, who was then part of the installer team, was inaccessible to reasons of reason and alternative suggestions.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-design-vor-sicherheit\"><span class=\"ez-toc-section\" id=\"Design_over_safety\"><\/span>Design over safety<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>He rejected the suggestion of a shared folder on the desktop that was accessible to all users as an alternative on the grounds that this would cause unrest on the desktop and that a tidy desktop was ultimately an explicit design decision for Ubuntu.&nbsp;The suggestion to simply query the desired rights for the home in the installer was also rejected.<\/p>\n\n\n\n<p>In environments where sharing the content of the home directories is not desired, there are usually knowledgeable administrators who would adjust the rights accordingly.&nbsp;Mark Shuttleworth personally declined to&nbsp;<a href=\"https:\/\/bugs.launchpad.net\/ubuntu\/+source\/adduser\/+bug\/48734\/comments\/17\" target=\"_blank\" rel=\"noopener\">change the status quo<\/a>&nbsp;.&nbsp;In&nbsp;<a href=\"https:\/\/bugs.launchpad.net\/ubuntu\/+source\/adduser\/+bug\/48734\/comments\/21\" target=\"_blank\" rel=\"noopener\">another statement<\/a>&nbsp;on this bug, he wrote:<\/p>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\"><p>The majority of users of Ubuntu systems either have exclusive use of the machine (personal laptop) or are sharing with friends and relatives.&nbsp;We assume that the people who share the machine are either trusted, or in a position to hack the machine (boot from USB!) Trivially.&nbsp;As a result, there is little to no benefit from the permissions you propose &#8230; Ergo, we stick with the permission as they stand today.<\/p><cite>Mark Shuttleworth<\/cite><\/blockquote>\n\n\n\n<p>The discussion has continued for the entire 15 years since the bug report was created and is now contributing to a change in the guideline.&nbsp;As Ubuntu&#8217;s&nbsp;<em>Security Tech Lead<\/em>&nbsp;Alex Murray wrote back in November&nbsp;<a href=\"https:\/\/discourse.ubuntu.com\/t\/private-home-directories-for-ubuntu-21-04-onwards\/19533?u=d0od\" target=\"_blank\" rel=\"noopener\">,<\/a>&nbsp;times have changed and security vs. convenience is rated differently than it was in 2006 with the increasing use of servers and public clouds.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-besser-sp-t-als-nie\"><span class=\"ez-toc-section\" id=\"Better_late_than_never\"><\/span>Better late than never<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>He therefore suggested&nbsp;<code>\/etc\/adduser.conf<\/code>adapting&nbsp;the file&nbsp;and delivering the home with 750 instead of 755 rights in the future.&nbsp;This leaves the owner with all rights, the group retains the rights to read and execute, and the rest of the world is left with nothing.&nbsp;Since there were no objections, he implemented the change.&nbsp;This only affects new installations and therefore leaves out older releases and upgrades to Ubuntu 21.04.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>A\u00a0bug report from 2006\u00a0leads with Ubuntu 21.04 \u00bbHirsute Hippo\u00ab to a change in the guidelines regarding the rights of the home directory.\u00a0So far, home directories have been given file rights 755 during installation.\u00a0This means that in addition to the user, the rest of the world can read and execute files.<\/p>\n","protected":false},"author":4,"featured_media":2188,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[25],"tags":[],"class_list":["post-2186","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-internet-and-technology-news"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2021\/01\/Ubuntu_20.10_Groovy_Gorilla_Desktop-1.png?fit=3072%2C1728&ssl=1","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p7ISfL-zg","jetpack_likes_enabled":true,"jetpack-related-posts":[{"id":1259,"url":"https:\/\/www.virtono.com\/community\/tutorial-how-to\/installing-synology-assistant-on-ubuntu\/","url_meta":{"origin":2186,"position":0},"title":"Installing Synology Assistant on Ubuntu","author":"Daniel Draga","date":"November 10, 2017","format":false,"excerpt":"This article shows\u00a0how to\u00a0install\u00a0Synology Assistant\u00a0on\u00a0Ubuntu\u00a0.\u00a0The\u00a0Synology\u00a0Assistant is a small tool to disk or RackStations to locate the local network.\u00a0It facilitates the commissioning of a new NAS and connects after entering the user information to the web interface of the device.\u00a0In addition, any number of Synology devices can be monitored.\u00a0The use of\u2026","rel":"","context":"In &quot;Tutorials&quot;","block_context":{"text":"Tutorials","link":"https:\/\/www.virtono.com\/community\/category\/tutorial-how-to\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2017\/11\/synology_logo.jpg?fit=815%2C230&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2017\/11\/synology_logo.jpg?fit=815%2C230&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2017\/11\/synology_logo.jpg?fit=815%2C230&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2017\/11\/synology_logo.jpg?fit=815%2C230&ssl=1&resize=700%2C400 2x"},"classes":[]},{"id":1222,"url":"https:\/\/www.virtono.com\/community\/tutorial-how-to\/upload-your-own-ubuntu-packages-to-the-reprepro-repository\/","url_meta":{"origin":2186,"position":1},"title":"Upload your own Ubuntu packages to the reprepro repository","author":"Shreyash Sharma","date":"November 2, 2017","format":false,"excerpt":"The following article shows the\u00a0uploading\u00a0of own Ubuntu packages in a\u00a0reprepro\u00a0repository.\u00a0The packages are transferred by\u00a0dupload\u00a0via scp to a folder on the repository server where they are processed by reprepro via an inoticoming job.\u00a0In the examples shown, the client is an Ubuntu 12.10, on the server is an\u00a0Ubuntuwith kernel 3.2.0-38 generic. How\u2026","rel":"","context":"In &quot;Tutorials&quot;","block_context":{"text":"Tutorials","link":"https:\/\/www.virtono.com\/community\/category\/tutorial-how-to\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2017\/11\/debian_ubuntu_package.png?fit=245%2C270&ssl=1&resize=350%2C200","width":350,"height":200},"classes":[]},{"id":3330,"url":"https:\/\/www.virtono.com\/community\/tutorial-how-to\/how-to-set-up-ssh-keys-on-ubuntu-20-04\/","url_meta":{"origin":2186,"position":2},"title":"How to Set Up SSH Keys on Ubuntu 20.04","author":"George B.","date":"April 27, 2023","format":false,"excerpt":"In this tutorial, we will learn how to set up SSH keys on Ubuntu 20.04. Secure Shell (SSH) is a protocol used to securely connect to a remote server or computer. It provides a secure way to transfer files, execute remote commands, and manage remote systems. SSH keys are a\u2026","rel":"","context":"In &quot;Tutorials&quot;","block_context":{"text":"Tutorials","link":"https:\/\/www.virtono.com\/community\/category\/tutorial-how-to\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2023\/04\/How-to-Set-Up-SSH-Keys-on-Ubuntu-20.04.png?fit=600%2C330&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2023\/04\/How-to-Set-Up-SSH-Keys-on-Ubuntu-20.04.png?fit=600%2C330&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2023\/04\/How-to-Set-Up-SSH-Keys-on-Ubuntu-20.04.png?fit=600%2C330&ssl=1&resize=525%2C300 1.5x"},"classes":[]},{"id":3856,"url":"https:\/\/www.virtono.com\/community\/tutorial-how-to\/how-to-install-apache-maven-on-ubuntu\/","url_meta":{"origin":2186,"position":3},"title":"How to Install Apache Maven on Ubuntu","author":"George B.","date":"September 9, 2023","format":false,"excerpt":"This tutorial aims to provide a detailed, step-by-step guide on how to install Apache Maven on Ubuntu, a popular open-source operating system. In the realm of software development, Apache Maven stands as a robust project management tool, widely embraced for its ability to handle project builds, reporting, and documentation from\u2026","rel":"","context":"In &quot;Tutorials&quot;","block_context":{"text":"Tutorials","link":"https:\/\/www.virtono.com\/community\/category\/tutorial-how-to\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2023\/09\/How-to-Install-Apache-Maven-on-Ubuntu-22.png?fit=360%2C240&ssl=1&resize=350%2C200","width":350,"height":200},"classes":[]},{"id":2897,"url":"https:\/\/www.virtono.com\/community\/tutorial-how-to\/how-to-install-apache-on-ubuntu-20-04%ef%bf%bc\/","url_meta":{"origin":2186,"position":4},"title":"How To Install Apache on\u00a0Ubuntu 20.04\ufffc","author":"George B.","date":"July 21, 2022","format":false,"excerpt":"What is Apache HTTP? The Apache HTTP Server is a free and open-source cross-platform web server software, released under the terms of Apache License 2.0. Apache is developed and maintained by an open community of developers under the auspices of the Apache Software Foundation.\u00a0 Step 1 - Updating the system\u2026","rel":"","context":"In &quot;Tutorials&quot;","block_context":{"text":"Tutorials","link":"https:\/\/www.virtono.com\/community\/category\/tutorial-how-to\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2022\/07\/what-is-apache-1.png?fit=1200%2C600&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2022\/07\/what-is-apache-1.png?fit=1200%2C600&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2022\/07\/what-is-apache-1.png?fit=1200%2C600&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2022\/07\/what-is-apache-1.png?fit=1200%2C600&ssl=1&resize=700%2C400 2x, https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2022\/07\/what-is-apache-1.png?fit=1200%2C600&ssl=1&resize=1050%2C600 3x"},"classes":[]},{"id":1223,"url":"https:\/\/www.virtono.com\/community\/tutorial-how-to\/create-your-own-apt-repository-with-reprepro-on-ubuntu\/","url_meta":{"origin":2186,"position":5},"title":"Create your own apt repository with reprepro on Ubuntu","author":"Shreyash Sharma","date":"November 2, 2017","format":false,"excerpt":"With\u00a0reprepro\u00a0simple own\u00a0package repositories\u00a0can be created and managed.\u00a0The tool is located in the Ubuntu repositories and can be used to provide\u00a0your own packages\u00a0or to mirror existing repositories.\u00a0This article introduces reprepro and shows the structure of a simple repos on\u00a0Ubuntu Server.\u00a0For situations where complete repositories should be mirrored for deployment in their\u2026","rel":"","context":"In &quot;Tutorials&quot;","block_context":{"text":"Tutorials","link":"https:\/\/www.virtono.com\/community\/category\/tutorial-how-to\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2017\/11\/deploying-with-super-cow-powers-hosting-your-own-apt-repository-with-reprepro-8-638.jpg?fit=638%2C479&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2017\/11\/deploying-with-super-cow-powers-hosting-your-own-apt-repository-with-reprepro-8-638.jpg?fit=638%2C479&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2017\/11\/deploying-with-super-cow-powers-hosting-your-own-apt-repository-with-reprepro-8-638.jpg?fit=638%2C479&ssl=1&resize=525%2C300 1.5x"},"classes":[]}],"_links":{"self":[{"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/posts\/2186","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/comments?post=2186"}],"version-history":[{"count":1,"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/posts\/2186\/revisions"}],"predecessor-version":[{"id":2190,"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/posts\/2186\/revisions\/2190"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/media\/2188"}],"wp:attachment":[{"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/media?parent=2186"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/categories?post=2186"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/tags?post=2186"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}