CHPC ANNOUNCEMENT: Change in top level home directory permission settings
Date Published: December 14th, 2023
In order to improve our overall security position, on Monday December 18 CHPC will deploy a script that will run through all top-level home directories and
reset permissions as discussed below. This script will be run hourly, as a cron job.
In the general environment, the script will set all top-level home directories (the directory that ends in the username or uNID, e.g., /uufs/chpc.utah.edu/common/home/uNID) such that no group or other (world) level write access will be allowed. If any individual user has stricter access permissions already set at this level, these stricter access permissions will remain in place. If a user has less strict access permissions, the permissions will be changed to this level.
In the general environment, the script will set all top-level home directories (the directory that ends in the username or uNID, e.g., /uufs/chpc.utah.edu/common/home/uNID) such that no group or other (world) level write access will be allowed. If any individual user has stricter access permissions already set at this level, these stricter access permissions will remain in place. If a user has less strict access permissions, the permissions will be changed to this level.
In the protected environment, the script will set all top-level home directories (/uufs/chpc.utah.edu/common/HIPAA/uNID) such that only the user will have access (read, write and execute access) with ALL
group and other level access being removed. Note that for file sharing in the PE, the project space should be used.
Please note that this permission setting will NOT be run recursively through the entire contents of the home directory but will only be set for the top-level directory.
Any user will still have the ability to provide access to others at an individual directory/file level below the top-level home directory. If you have any questions on how to set this, please reach out to chpc for assistance, via helpdesk@chpc.utah.edu.