Users can access other users home directories without permission

Hello

I must be doing something wrong.
I have created a second and third user in mate 20.04, a desktop user not an admin or a custom user, and that user is able to access other users home directories from the command line and even copy that users data, also able to access root as well, no password needed.
How come this is able to happen?
Have I messed something up when adding a new user?

Thanks in advance

Hey :slight_smile:
Please share with us the output of :

ls -lt /home/

Connect with the user that has this superpowers and show us output of :

┌─[✗]─[ole[email protected]_apbook04u]─[/home]
└──╼ $ whoami 
olek
┌─[[email protected]_apbook04u]─[/home]
└──╼ $ sudo date
[sudo] password for olek: 
jeu. 25 juin 2020 11:27:16 CEST

Next you can check groups that your user is member :

┌─[✗]─[[email protected]_apbook04u]─[/home]
└──╼ $ groups olek
olek : olek adm cdrom sudo dip plugdev lpadmin lxd sambashare

Hi,
Do not worry, please. You are doing correctly. The matter is that Ubuntu default permissions for home directories allow access for other users.
Manual page on useradd command reads, in particular:


and skeleton permissions are

Hallo

You do not seem to have done anything wrong - what you seem to have discovered is a feature of Debian's multi-user mode. Ubuntu, and therefore Ubuntu-Mate, are based on Debian.

"The beginner handbook - Debian 10 Buster",

available here:
[https://lescahiersdudebutant.arpinux.org/buster-en/download/the_beginners_handbook.pdf]

states in section 10.2.1

"10.2.1 Limit the access rights of others on your data
If you use Debian in “multi-user” mode, the data of the other users are readable by you, and yours too, by necessity. You may want to restrict the other users access rights to some of your data."
...
"The graphical procedure is easy to execute (no need to open a terminal):
right-click on the folder > properties > “Permissions”.
Select the “None” option for the “Others” access rights: A window will ask you if you want to apply these modifications to all the files and folders embedded within the concerned folder, and we advise you to accept, in order to protect the full set of data included inside this folder."

Applying this to Ubuntu-Mate,

  1. open Caja (the file manager), in the left-hand pane select "File System", then in the main pain the "home" folders will appear for all users on the computer.
  2. Right-click on the home folder of the user for whom you wish to restrict others access.
  3. Select "Properties".
  4. On the "Permissions" tab for the "Others" set Folder and File access to "None", and click on the button "Apply Permissions to Enclosed Files".
  5. Close the the "Properties" window.

I hope that helps. :slightly_smiling_face:

1 Like

Hi, thanks this sorted it out. Strange its set up like that but its ok.
Thanks for the easy to follow steps too thanks.
Problem solved

Hey, thanks for the reply, one of the comments below sorted the question, thanks for your input.