Limiting Access to your Home Directory

For old accounts, the default was to leave home directories and newly created files at 755 (user:rwx group:r-x other:r-x). We have changed the default behavior for new students to:

  • 711 on the home directory (the 11 in 711 gives group and other execute-only access, because the www-data user needs to be able to reach your public_html folder and this is the easiest way for many reasons)
  • 700 as the default for files created within the home directory
  • 755 on the public_html directory
  • 755 as the default for files created within the public_html directory

If you would like to adopt the new behavior, please run the following commands. Note that it may take a while depending on the number of files in your home directory.

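# Work from the top of your home directory.
cd "${HOME}"

# Remove all "other", then all "group", permissions from everything except symlinks and public_html.
find . -not -type l -not -path "./public_html*" -exec chmod o-rwx {} \;
find . -not -type l -not -path "./public_html*" -exec chmod g-rwx {} \;
# Set a default ACL so files created later in these directories are owner-only.
find . -type d -not -path "./public_html*" -exec setfacl -d -m u::rwx,g::-,o::- {} \;
# Restore execute (traverse) on the home directory itself, which gives 711.
chmod o+x .
chmod g+x .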

Please note that if you are using your home directory to share things with other users, this will break that functionality. It may also break any complicated ACLs you may have set. Use at your own discretion.
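
To confirm the result, or to see what would change before running the commands, the following read-only audit lists entries that still grant group or other access and checks the 711/755 modes on the two top-level directories. It is an added example, not part of the original page; the function names and the script name are assumptions.

```shell
#!/bin/sh
# Added example, not part of the original page: a read-only audit of a home
# directory against the modes listed above. It changes nothing on disk.

# Print the octal mode of a path (GNU/busybox stat first, BSD stat fallback).
mode_of() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# List entries that still grant any group or other permission bit.
# Only ./public_html itself is skipped here; the page's pattern
# "./public_html*" also skips siblings such as ./public_html_old.
audit_exposed() {
    ( cd "$1" || exit 1
      find . -path ./public_html -prune -o \
           ! -name . ! -type l \
           \( -perm -040 -o -perm -020 -o -perm -010 \
              -o -perm -004 -o -perm -002 -o -perm -001 \) -print )
}

# Number of entries reported by audit_exposed.
count_exposed() {
    audit_exposed "$1" | wc -l | tr -d ' '
}

# Return 0 when the home directory is 711 and public_html (if present) is 755.
check_top_modes() {
    rc=0
    if [ "$(mode_of "$1")" != "711" ]; then
        echo "$1: mode $(mode_of "$1"), expected 711"; rc=1
    fi
    if [ -d "$1/public_html" ] && [ "$(mode_of "$1/public_html")" != "755" ]; then
        echo "$1/public_html: mode $(mode_of "$1/public_html"), expected 755"; rc=1
    fi
    return "$rc"
}

# Usage: sh audit_home.sh "$HOME"   (audit_home.sh is a hypothetical file name)
if [ "$#" -eq 1 ]; then
    check_top_modes "$1"
    audit_exposed "$1"
fi
```

The audit looks at mode bits only; default ACLs set by the setfacl step can be inspected with getfacl on a directory.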

  • Last modified: 2017/11/17 11:58
  • by bryceml