messed up file permissions in home

ThreepWood · 2009-05-19 23:14:07

Aye Mates,

i did some permission changes on the WHOLE user home of mine, after adding a new user to my system.
That of course left me with tint not starting, and probably a whole lot of more stuff messed up...but still, i'm worried about loosening up the default security.

I was wondering...

1. if i should do copy /etc/skel to my home overwriting what is there (all the config changes gone of course)?
2. if i should add a new user/deleting the old one and just move my documents to that new home?

Is there a way to find out the permissions BEFORE i did change them?

One thing i'm curious about is, that the newly created user has a lot less (hidden) folders, than the one i was using till now...that makes me wondering, if installing with apt-get ALL users get instant access or do i have to give permissions to all of them?

How to recreate the default user of #!, the one that gets created at install?

Thanks for any thoughts..

anonymous · 2009-05-19 23:44:36

Just give yourself permission over your home folder:

sudo chown -R user:user ~/

Replace user with your username.

ThreepWood · 2009-05-20 00:13:51

Anonymous,

i mean i am still the OWNER the whole folder, but the "default" permission of system config files (and everything else) are messed up. By messed up i mean that i disabled others and group to read RECURSIVELY on the whole folder, that left me with tint non functional (i made that work again - it was the ~/.config/tint/tintrc). But the fact of this happening made me wonder what ELSE could be messed up??

Overwriting with the skeleton to get back system configs would work (backuping a few what i have already changed, and modding after to own the files), but i still have a lot more (non-personal data) stuff there what i dont know where they came from and who they belong...Probably installed apps made them for temps and logs and so on.

On the other hand creating a new user would allow me to at least get some error messages of these applications that the folders/files are missing (letting me know what to reinstall), do i?

I would love to hear pros and cons of doing one way or the other...
Letting everybody (user-group-others) do everything (read write execute) to ALL files in the folder seems a bit terrifying to me, and taking everything from everybody else than me-owner does leave some apps dead - like tint config.

iggykoopa · 2009-05-20 05:49:51

if your the only one using the computer chmod the home folder to 755 should be pretty safe security wise and should allow everything to work correctly. You can try 750 first if you don't want to be that permissive and see if all your applications still function correctly. (although all your programs should still run correctly with just the owner having access, since you the owner are running them, not sure why there would be issues)

edit: thought I would add incase you didn't know what the numbers mean it's permissions for owner then group then everybody. 7 is read, write, execute .... 5 is read and execute ... 0 is nothing. If you removed execute from a folder then it means that user or group can't list the contents of the folder, that may have been your problem.

Last edited by iggykoopa (2009-05-20 05:53:12)

ThreepWood · 2009-05-20 08:33:52

iggykoopa,

i'm a "single user" on my computer, but sometimes i have guests, thats why i made a guest account. I wanted to give no access to my personal files, so i decided to change my HOME (that was an aaawfully baaad idea) no-visible, thats where the problems started.
Everything went fine, until i found out that my account after logging in couldn't run the TRAY, although i did change nothing on the OWNER permissions.
My point was exactly the same as You say, running all the apps as owner shouldn't need extra permissions on none of the files, but it proved to be wrong...(see above). That's where i decided to ask the #! community.

Would chmod 750 recursively on the home set execute on otherwise read-write only files (documents, etc), would it?

I would like to have a web-server (or ftp to start) in the future, and i don't want to have security holes from the ground up..
Am i right thinking that user home folders doesn't contain nothing that could lead to compromise a system?
Or should i be worried?

Anybody on the /etc/skel type of solution?

iggykoopa · 2009-05-20 11:39:35

750 or 755 are pretty standard permissions, it isn't really an issue with non-executables like documents because they aren't executable by nature. The information in your home folder wouldn't comprimise the whole system, but there could be personally comprimising information there like cached passwords if you use that feature in firefox, also people may be able to change settings on you. as far as the web server here is a good check list of stuff for securing it http://mediakey.dk/~cc/howto-secure-apache/ , it doesn't say how to do the items on it but they are easy to look up. As long as you follow good security practices during the apache configuration I wouldn't be worried about people accesing your home partition.
Probably the easiest solution to your current problem would be back up your important info and make a new user, shouldn't only take a couple minutes.

ThreepWood · 2009-05-24 12:17:51

didn't had enough time to investigate further, although i noticed other strange behavior...
some (hungarian language specific) characters doesn't show up correctly for example in cfdisk (i remember not having seen strange stuff in there, although i might be wrong with this). The other day i wanted to mount an old finepix-camera drive, and i just got messed up "squared" chars and directories in filemanager.

I'm not sure to start a new thread about these, or could this be because of ~ files?
Are there any locale relative files stored over there?

(getting closer to make a new install...arrgh)

CrunchBang Linux

SEARCH

#1 2009-05-19 23:14:07

messed up file permissions in home

#2 2009-05-19 23:44:36

Re: messed up file permissions in home

#3 2009-05-20 00:13:51

Re: messed up file permissions in home

#4 2009-05-20 05:49:51

Re: messed up file permissions in home

#5 2009-05-20 08:33:52

Re: messed up file permissions in home

#6 2009-05-20 11:39:35

Re: messed up file permissions in home

#7 2009-05-24 12:17:51

Re: messed up file permissions in home

Board footer