Everyone has read access to user's home directories by default

The current behavior is a deliberate and publicly-known design choice, so this bug report does not need to be private.

I agree with you that it is a poor design choice, and private-by-default would be better.

Discussions elsewhere:
http://ubuntuforums.org/showthread.php?t=1210175
http://brainstorm.ubuntu.com/idea/6106/
https://wiki.ubuntu.com/SecureHome
https://blueprints.launchpad.net/ubuntu/+spec/secure-home

Sorry, didn't mean to make it private...

2009/10/26 Matthew Paul Thomas <email address hidden>

> The current behavior is a deliberate and publicly-known design choice,
> so this bug report does not need to be private.
>
> I agree with you that it is a poor design choice, and private-by-default
> would be better.
>
> Discussions elsewhere:
> http://ubuntuforums.org/showthread.php?t=1210175
> http://brainstorm.ubuntu.com/idea/6106/
> https://wiki.ubuntu.com/SecureHome
> https://blueprints.launchpad.net/ubuntu/+spec/secure-home
>
> ** Visibility changed to: Public
>
> --
> Everyone has read access to user's home directories by default
> https://bugs.launchpad.net/bugs/460490
> You received this bug notification because you are a direct subscriber
> of the bug.
>
> Status in One Hundred Paper Cuts: New
>
> Bug description:
> Mac OS X takes the proper approach of giving each user a "Public" folder
> that is read-only to everyone, and restricting access to all other folders.
> As it stands in Ubuntu, documents, pictures, movies, even saved passwords,
> etc... are accessible to everyone with an account on the same computer.
> Security by default and vulnerability by choice is a much better approach.
>

It seems like there is something of a consensus behind this. So why hasn't
it been changed to date?

2009/10/26 Calder Coalson <email address hidden>

> Sorry, didn't mean to make it private...
>
> 2009/10/26 Matthew Paul Thomas <email address hidden>
>
>> The current behavior is a deliberate and publicly-known design choice,
>> so this bug report does not need to be private.
>>
>> I agree with you that it is a poor design choice, and private-by-default
>> would be better.
>>
>> Discussions elsewhere:
>> http://ubuntuforums.org/showthread.php?t=1210175
>> http://brainstorm.ubuntu.com/idea/6106/
>> https://wiki.ubuntu.com/SecureHome
>> https://blueprints.launchpad.net/ubuntu/+spec/secure-home
>>
>> ** Visibility changed to: Public
>>
>> --
>> Everyone has read access to user's home directories by default
>> https://bugs.launchpad.net/bugs/460490
>> You received this bug notification because you are a direct subscriber
>> of the bug.
>>
>> Status in One Hundred Paper Cuts: New
>>
>> Bug description:
>> Mac OS X takes the proper approach of giving each user a "Public" folder
>> that is read-only to everyone, and restricting access to all other folders.
>> As it stands in Ubuntu, documents, pictures, movies, even saved passwords,
>> etc... are accessible to everyone with an account on the same computer.
>> Security by default and vulnerability by choice is a much better approach.
>>
>
>

There is no consensus that I'm aware of. Anyone can post a forum thread or make a wiki page.

I want to add my vote to Security on this issue... it is terrible to know that other users can read my home folder!