Re: Lesson learned / file permissions
From: Andreas Janssen (andreas.janssen_at_bigfoot.com)
To: firstname.lastname@example.org Date: Wed, 20 Oct 2004 13:27:19 +0200
Olle Eriksson (<email@example.com>) wrote:
> In one of my moments last night I thought, why should any of the files
> in my home directory need to be world-accessible? I didn't think long
> about it before I decided to remove all read, write and execute rights
> for world. Before I did that, however (and thank god for that), I
> saved all the existing permissions to a file:
> $ find /home/username/ -xdev -printf "%m %p\n" > permissions.txt
> $ sudo chmod o-rwx /home/username/*
> $ sudo chmod o-rwx /home/username/.*
All files in your /home should be yours, so it should be sufficient to
run chmod as a user. BTW, you are lucky you didn't run the second chmod
with the -R option, like I did a while ago. .* also includes ..
> After that, all hell broke lose. I couldn't start any new KDE
> application, existing applications complained about insufficient
> rights, no temporary or session files could be written etc. I couldn't
> even access my home directory after I restarted. Luckily I was able to
> restore all previous file permissions with the saved file and got back
> into my user account this morning. So, lesson learned. Don't mess with
> things you don't need to mess with, make backups, and be less
> paranoid. :)
> I think it was the fact that /home lost all world-permissions that
> caused all the problems. Would you agree?
No. My home folder and everything inside is set to go-rwx.
> Secondly, by calling chmod with sudo, all the files owned by root that
> I as a user needed to see were now invisible. But they don't seem to
> be so many so I am wondering if that had any influence.
Aha. So there are files in your home folder, that you need, and that are
owned by root? Why? I guess the problem is that they belonged to root.
With the restrictive permissions, you could not access them. The change
I would make is not to make them world-readable. Instead use chown to
change the owner from root to olle.
-- Andreas Janssen <firstname.lastname@example.org> PGP-Key-ID: 0xDC801674 ICQ #17079270 Registered Linux User #267976 http://www.andreas-janssen.de/debian-tipps.html -- To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org with a subject of "unsubscribe". Trouble? Contact email@example.com