security shock!

Hi all.

Today i`m see on my openSUSE 11.1 system some crazy security hole.

This simple. When i`m logged in as some user (not root), i can look inside another users directories, and i CAN READ AND COPY some data files…???

I`m never see this in Linux distros before. Any distributive, any linux have the strong permissions structure. Only root can look inside the all users directories…Why this was changed? I create some user trough “yast2” utils, and any user can “cd” inside any “home” and look in files??

Really stupid changes… I can read another users .bashrc files, look into “Documents” folder…

Who change this?? May be this are virus? Or this is a new stupid feature?

I`m crazy or someone another? This was a clean installation, and i never change the permissions in /home users directories…

May be my system is hacked ?
WTF??

Possibly related to this?

(http://forums.opensuse.org/install-boot-login/408553-i-can-mount-partitions-arent-fstab-using-kwrite.html)

i have no idea how yours got that way, but i can assure you that what
you describe is NOT normal, and it is certainly not the way my 10.3 is…


assistant

Ah, don’t get so dramatic. Understand how Unix/Linux permissions work first.

How much each user wants to allow others to see can be controlled by the users themselves.

If a user wants to block others from seeing into her home directories, simply set the top directory (/home/<user>) to self read/write/access, i.e. rwx------, or mode 700.

  1. >> How much each user wants to allow others to see can be controlled by the users themselves.

I`m understand. But in all other distros no one user can chdir inside another user home dir.

I`m have clean openSUSE 11.1 distro installed on clean partitions - one for /, second for /home, and swap partition.

Just simple experiment right now

  1. i`m create some user (all options - by default)
  2. im run terminal. and "cd /home/someuser" dir - and.. All ok! Im do “ls -l” and im do "cat .bashrc". But some files is closed for reading! And some - is not! And im just can copy this files and read…

===
Second experiment:

  1. ssh -l myuser myremotemashine
  2. “yast” and "add user"e,t,c
  3. “cd /home/newuser” - and… It work! “ls -l” and other commands is work!

Two systems with one hole??
Im some "dramatic", of course, by .. I can login as "newCreatedUser" and read personal data in other /home/users directories. Right now. Im have a ext3 filesystems, of course.

And im never change the chroot -R and chmod -R of the /home dir, and users direcotries.. No crazy experiments. im have the some personal data, and really not like “games” with custom permissions modes.

Something is wrong… Im never see this before. Im need to learn some openSUSE 11.1 features?

Some can right now to try this simple thing?

The default permissions on the home directory for new users is something that can be set as a system policy. A search on “linux new user directory permission” found this article:

InformIT: Managing Users and Security in openSUSE Linux > User Accounts and Permissions

where it says:

Home Directory Permission Mode—By default, permissions for files in the /home directory are set at 755 (rwxr-xr-x). If you would like other system users to have Write permission, change this to 775

If you are paranoid, change that to 700.

BTW, you don’t need a chmod -R, just a chmod 700 $HOME will do. That’s how Linux permissions work, all the directory permissions starting from / are taken into account.

And to set this as a system policy whenever a new user is added via useradd, which means also via the CLI, read man login.defs, where it says:

UMASK (number)

The permission mask is initialized to this value. It is used by useradd and newusers for creating new home directories. If not specified, the permission mask will be initialized to 0077.

And in fact, if you look in OpenSUSE’s /etc/login.defs, it’s set to 0022, so it’s more permissive than the compiled default. Change that to 0077 if you want home directories created mode 700.

ken_yap thanks for the hint.
But i`m need some time for 1.-learning new rules and 2.- change the permissions and 3. give notice for my friends who use openSUSE 11.1 now.

Big thanks for answers…

p.s.
my be im paranoid, my be - not, but some data must be closed by default. Im understand - ext3 fs is absolutely not secured. Filesystem is must be strongly encrypted by AES or BlowFish.

This problem is about a some linux philosophy, may be.

Only ROOT can look inside.

What motivation for change the default permissions mode?

Encryption is a separate issue. Maybe if you are worried about somebody taking away your disk and reading it.

There never was a change. The default policy has always been under the control of the system admin. Traditionally Unix/Linux systems have been used by small groups of people who want to share. Other distros may have different default policies. But if your situation is different, the tools to set the system policy are there.

The default permissions mode was changed for what?
for “without password files copying”? Or something another? When you work, for example, in financial structure, you must login-and-password for any little step. This normal. When you user - you must call admin before you install/login/look as someone other… When you work in mixed lan - you can put yours some credentials in home sub-directory (because you can`t put in the Root - and… And now someone from 40-100 users can read it “by default”? lol!

wow
Strange feature. May be i`m wrong? This is the first time, when i can look inside in other user homedir, from my user shell…

im never see this before in RedHat 7, 8 and 9. And Enterprise 4-5. Never see this in any Fedora-Core, and Debian distro. im cant understand motivation of this change.. May be im not correct?

What are you ranting about? What’s this unintelligible reference to Root? Linux/Unix permissions are fine grained, and can be set per directory and file, and the access rules propagate to all subdirectories also. Setting a subdirectory to 755 will not allow others to access its contents if a directory above is 700. Please learn how Unix permissions work before spouting off. The Linux kernel that SUSE distributes is no different from those in Ubuntu or Fedora where permissions are concerned. It’s just that those distros may have different default policies for new user $HOME, which can be changed by editing one place.

755 for $HOME has always been the default for SUSE distros. Anybody who plans to deploy SUSE should examine the default policy to see if it suits their situation. What suits you may not suit me. As I said, if you are the system admin, you can change the default policy. If a system admin cannot edit /etc/logins.def, perhaps he should find a new job. Maybe CIO. lol!

I use SuSE Linux from version 6.1. I remember all the user accounts created belonging to the “users” group and this gives advantage on file sharing between different users that log into the same Linux box. I’ve used other distros (for testing purposes) like Red Hat, Fedora, Ubuntu, Debian e.t.c. and yes, this was not their idea.
In SuSE (and openSUSE, of course) all the files that are first created to a user’s folder belong to the “users” group. If you want to share directories with other users (as most of the people that use a computer and have accounts for their family members) easily, then you would like that feature.
As already described by ken_yap the way to change that is very easy. So stop trying to find an issue where there is not one!
And, of course, when changing distro you have to put up with all the differences from your previous one. Don’t blame the developers. Every distro has its own ways and believes! That is OSS my friends.

As I said, if you are the system admin, you can change the default policy. If a system admin cannot edit /etc/logins.def, perhaps he should find a new job. Maybe CIO

You right of course, but im not admin. Really. im use any distro with encrypted fs filesystems for important data (with sshfs disks and some other nice stuff). But this is is for me only. i`m not afraid because this is a not hard, and filesystem permissions is not mostly important for me.

but :shame:
Im provide "openSUSE" idea some time ago for some peoples and this peoples are not skilled in unix!.. Im just afraid about this peoples.I think you understand, what i mean.

eliaschr:
As already described by ken_yap the way to change that is very easy. So stop trying to find an issue where there is not one!

i know, thanks. The many ways…But im talk about some simple *default* security rules! How many time you need (when you novice) for understanding the tons of mans pages? You can on-the-fly write custom ACL-s or chmod-chown? Yes, but when you skilled. I`m about not skilled peoples, who want some (illusion of course) personal HOME security…

And, of course, when changing distro you have to put up with all the differences from your previous one. Don’t blame the developers. Every distro has its own ways and believes! That is OSS my friends.

you rigth.
developers, im sorry, of course, but im just need now to be ready for answers giving :shame:

I wouldn’t be surprised if there is something in YaST to change the default permission for new $HOMEs. I’ll leave it to you to look.

I don’t see why everybody should use the defaults you want. My defaults can be just as valid as yours.

ken_yap, you absolutely right. But i think, system must be more closed by default… If someone want to open their $home, or something inside $home - he can learn about setting permissions and share personal $home only, or personal contents inside.

p.s. i really like openSUSE 11.1 - this really great distributive, and when someone ask me what i can recommend as “nice linux” - i`m without any doubt say “openSUSE”.

But some little innovations is make me confused ;):wink:

But i think, system must be open by default. If someone want to hide their $home, or something inside $home - he can learn about setting permissions and close up $home, or personal contents inside. :P:P

BTW it’s not an innovation. SUSE hasn’t done anything special to the Linux kernel. It’s been the default policy for years. And many other distros do the same too.

Hi,

as far as I know you can change the default permissions for creating a new account when you change the permissions of the /etc/skel directory which will be copied when a new user is created as the users new home. Maybe you also want to have a look at /etc/login.defs where the default umask is defined.

Hope this helps

Monex, big thanks for answer, but the most of my worrynes was about a massive installation on many computers. I mean the situation, when linux must be installed on 20-30-50 computers in one time, and this is a mixed domain with windows machines. And this is installed by man`s who not skilled.

i have the situation when one man ask me some time ago -
“look… something is wrong with filesystem. I can cd in another homes”
i say “this not FS, this strange system defaults” (and i think - whats wrong with permissions and what next surprise??)

i have the single user machine, and i dont check this. If i need to create user with special permissions, i can, of course, use useradd command with option -k or --skel, with path to alternative skel directory. This is the more flexible way, then rewriting default /etc/skel or login defs, because with custom skels you can specify many user permissions types, instead of one default permissions type.

Of course, any linux for the organisation structure must be step-by-step tuned, and for massive installations special DVD with custom autoinstall is needed. Of course, permission politics, ACL-s must be hardly considered, and if some data need to be hidden, this must also hard checked, and “what with defaults permission from distributive??!!” - is a child`s crying, of course, i know :slight_smile:

But this is not my problem, because im not admin. I just give answer sometimes, like you, but not on forum. Because im recommend openSUSE to some peoples. And now i`m ready for extremal brain attacks, because this peoples is “windows” peoples and no one want to read long manuals. You know what i mean.

Another words - really sorry for dramatic writing on head of topik, all ok.

Thanks a lot for answers.

If you were doing massive installs, you would use some method like autoyast where all these little details can be specified. You would need to plan this sort of deployment anyway, and if an admin gets a “security shock!” when doing such a large task, that person should quit as admin and apply for the job of pointy haired boss. lol!

(from real life, some time ago)

*- “Where is “my computer” icon and where is my drive D?? it contain my funny photos! i can`t found it!”

  • “ok. wait.” ( mkdir “/home/foo/Desktop/My Computer”;ln -s /mssh1t/w_D/ “/home/foo/Desktop/My Computer/D:”)
  • ok thanks! But what with icons??
  • Press this button and replace icon with any you like…
  • But… but… where is “find button”?? i`m not remember where i put my stuff…i need to search…"
  • just Ctrl-F or “Go-search for files” (gnome team thanks you… God save yours souls)
  • nice!! but…so…where is fanny dog?..“scratch scratch” - i like it!
  • Sorry im dont want to say this… This is a hardest pain for us…But little fanny dog is die…And magick man also die… Their souls in a commercial heaven now… And now… Sorry plz… (may be you…must…may be is Time for you also…??)
  • ok… But stay for minute! Where is… Where is my… (what? brain? Ctrl+F, or type “locate brain|grep something” ) where is my… Solitare?
  • Solitare? (wtf? yumex - cmon) This is yours solitare!
  • This is anoter solitare…:frowning:
  • This is the newest best solitare in the world. This is a king of solitares. Sorry, but funny dog eat your old solitare before dying. Old solitare is in heaven too. Bad dog.
  • ok… But… Where is my mp3 collection from drive M: ?
  • What is “drive M:” ?
  • I`m not remember :frowning:
    (thanks you! i love you! i love you!)
  • … Stop! This was a network drive mapped to me!
  • (doh) who was share?
  • hm… i`m remember only the name of album… Ctrl+F ?
  • Of cousre, you right, search or ask this man or something… bye
  • Stop! Stay for minute!!!
    (…back to hell plz back to hell…back to hell…plz back to hell…unstoppable hell…your voices in my head now…)*