The development of Ubuntu 21.04 is in progress for its stable release on April 22, 2021. One of the proposed changes in Ubuntu 21.04 is to make the users’ home directories private.
Private home directories? What does it mean?
I hope you are aware of file permissions. If not, I have written a detailed and easy to understand guide to Linux file permission and I suggest you read that.
Most people probably never noticed it but the home directory in Ubuntu has the permission 755 i.e. rwxr-xr-x.
What it means is that if there are multiple users on the same Ubuntu system, they can enter home directory of other users and read the files stored in it. They cannot modify these files or execute them, however.
I think this is the common practice in many Linux distributions as this allows to easily share files between users on the same Linux system, specially in a server environment.
If this was the usual practice so far, why change it now?
Making home directory private adds a security layer
As Alex Murray of Canonical points in the announcement, in the cloud and server environment, usually, there is one admin account and several worker accounts.
In a rare case, if the worker account is compromised, the attacker can easily access sensitive data from the home directories of other users and the admin accounts.
This is the reason why the home directories in Ubuntu 21.04 will have permission 750 instead of 755.
This means that other users on the same system cannot enter the home directories of other users or access and read their files. In cases, where a set of users were created as part of the same default group, they can still access home directories. By default, in Ubuntu, each user has its own default group with the same name as the username.
Won’t impact users upgrading to Ubuntu 21.04 from previous versions
This change will not bother you if you are upgrading to Ubuntu 21.04 from 20.10. It is only applicable to fresh Ubuntu install. The change will be tested before the next LTS release in 2022.
There is also the issue of useradd and adduser command at this stage. The new rule will be respected by the adduser command but that might not be the case with the useradd command.
You can follow the discussion thread for more details on this change.
Please use the comment section to voice your opinion and concern on this topic.
Here's why you should opt for It's FOSS Plus Membership
- Even the biggest players in the Linux world don't care about desktop Linux users. We do.
- We don't put content behind paywall. Your support keeps it open for everyone. Think of it like 'pay it forward'.
- Don't like ads? With the Plus membership, you get an ad-free reading experience.
- When millions of AI-generated content is being published daily, you read and learn from real human Linux users.
- It costs just $2 a month, less than the cost of your favorite burger.