Bug 160644 - useradd creates 0755 home directory
useradd creates 0755 home directory
Product: Fedora
Classification: Fedora
Component: shadow-utils (Show other bugs)
All Linux
medium Severity medium
: ---
: ---
Assigned To: Peter Vrabec
David Lawrence
: Security
Depends On:
  Show dependency treegraph
Reported: 2005-06-16 06:26 EDT by Manuel Pelayo
Modified: 2007-11-30 17:11 EST (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2005-07-05 07:06:49 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Manuel Pelayo 2005-06-16 06:26:51 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; fr; rv:1.7.8) Gecko/20050524 Fedora/1.0.4-4 Firefox/1.0.4

Description of problem:
When you use the useradd command to create a new user, the new home directory is created with 0755 rights.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. Create a new user ex: foo
2. useradd foo
3. See the /home/foo directory

Actual Results:  # ls -l /home
total 8
drwxr-xr-x   2 foo    foo    4096 jun 16 12:00 foo

Expected Results:  # ls -l /home
total 8
drwx------   2 foo    foo    4096 jun 16 12:00 foo

Additional info:

Add this new line in the '/etc/login.defs' file to solve this :
UMASK 0077
Comment 1 Dario Lesca 2005-06-20 06:15:27 EDT
Also the first user created during the firstboot panel is created with 0755 rights.
Then after first user login remeber to do a "chmod -R go-rwx ~".
Comment 2 Peter Vrabec 2005-07-05 07:06:49 EDT
It's not bug. Everybody can set useradd to use different umask. I think it's 
good to stay using default mainstream umask 
Comment 3 Gene Czarcinski 2005-07-25 11:03:12 EDT
Red Hat has enough modifications to shadow-utils to make this silly NOT to fix
this security problem!

In any case, use the luseradd command from the libuser package ... it creates
the user with the correct permissions (700) and selinux attributes.

Note You need to log in before you can comment on or make changes to this bug.