# Is using /home as user home dir a security flaw?



## museur (May 18, 2020)

Does using the /home directory as user home directory create any security soft spot since Xorg and URxvt runs on root privilege?


----------



## SirDice (May 18, 2020)

museur said:


> Does using the /home directory as user home directory create any security soft spot since Xorg and URxvt runs on root privilege?


Why do you think it would be different if it was /usr/home? Why do you think this matters for the root user?


----------



## Deleted member 48958 (May 18, 2020)

museur said:


> Does using the /home directory as user home directory create any security soft spot since Xorg and URxvt runs on root privilege?


IMO, it's not a "security flaw", but just a bad practice.


----------



## Sevendogsbsd (May 18, 2020)

Why is using /home bad practice? I use /home<insert username here>, why is this different, or worse, than using /usr/home/<insert username here>?

Root user has nothing to do with this, btw...


----------



## Deleted member 48958 (May 18, 2020)

I've answered if to understand his question literally.
He asked "Does using the /home directory as user home directory..."
So using /home, as user home directory -- is a bad practice.
But maybe it's just some kind of a language barrier, I don't know, TBH.


----------



## Sevendogsbsd (May 18, 2020)

Could be: OP is referring to the fact x11/xorg runs setuid (?) I think I am saying that correctly - it actually has root perms but perms are set so normal user can execute. No clue what the reference to x11/rxvt-unicode is...


----------



## museur (May 18, 2020)

Sevendogsbsd said:


> Could be: OP is referring to the fact x11/xorg runs setuid (?) I think I am saying that correctly - it actually has root perms but perms are set so normal user can execute. No clue what the reference to x11/rxvt-unicode is...




Exactly why I was confused about. I'm sorry...


----------



## Sevendogsbsd (May 18, 2020)

No worries, as far as I know it's not a security issue. As for using /home/<username>, I can't see why that would be an issue. I cannot say why your x11/rxvt-unicode has instances running as root. Seems odd to me.


----------



## museur (May 18, 2020)

It is related to Xorg since I cannot run xterm which has no support of (setuid?) -I guess, since I cannot use it, it complains about something related to X11. I don't know if I should have to bridge something about Xorg's server auth or whatever else.


----------



## Sevendogsbsd (May 18, 2020)

Now I am confused - why would you want this? Run an X session as your normal user (not root), and run `xterm`. I do this all the time as an unprivileged user and have never had an issue,


----------



## Alain De Vos (May 18, 2020)

Just to note the hier of linux and openbsd specifies "/home". Is this better , I don't know for making backups . Maybe ?
[But this is not related in any way to security]


----------



## museur (May 18, 2020)

Sevendogsbsd said:


> Now I am confused - why would you want this? Run an X session as your normal user (not root), and run `xterm`. I do this all the time as an unprivileged user and have never had an issue,


I am not starting X with root, I am using my underpreviliged user account that is in wheel et cetera.

xterm says:

```
X Error of failed request:  BadMatch (invalid parameter attributes)
  Major opcode of failed request:  1 (X_CreateWindow)
  Serial number of failed request:  62
  Current serial number in output stream:  70
```

Not sure if related, I'm a newcomer to FreeBSD.


----------



## Sevendogsbsd (May 18, 2020)

Well that's odd. X is running?


----------



## museur (May 18, 2020)

Sevendogsbsd said:


> Well that's odd. X is running?


Ofcourse.


----------



## Sevendogsbsd (May 18, 2020)

What window manager or DE?


----------



## museur (May 18, 2020)

Bspwm vanilla.


----------



## Sevendogsbsd (May 18, 2020)

I have to bow out - this is beyond my troubleshooting ability. There are plenty of experienced folks here that should be able to help.


----------



## zirias@ (May 18, 2020)

The topic shifted a lot here. Maybe you should abandon that (question answered, there's no security flaw directly related to where you put your home directories) and start a new thread asking about your actual problem (choose a good title and give enough details for increased chances)? And next time, don't ask about your suspicions, at least not before describing the actual problem? No offense, I just think it's better for getting help.


----------



## Deleted member 48958 (May 18, 2020)

Your Xorg isn't configured correctly (probably your graphic card driver issue).
Use search engine to find your issue fix. Also check https://www.freebsd.org/doc/handbook/x-config.html


----------

