Excuse me for the typo in the title, it's, of course, a "TOOL" ;-)
I actually had a big problem last time I reinstalled: backuping my documents and files on a USB key, I reinstalled the OS.
But when I copied the whole thing on my new /home partition, every preferences folder had its permissions changed, so that no application would actually start.
I had to repair every single folder with its good permissions, which took me at least 3 hours.

Could we have a tool to repair the permissions all over the system, so that this kind of burden would be avoided (and it could probably speed up the system a little, if it repaired everything correctly)

When I changed my login password I had to manually change my keyring password also, otherwise I had to enter both my new password to login and then my old password to access my keyring.

It's seemingly small things like this that keeps ubuntu from being ready for the average windows user to switch to. I hope these details will be looked into for the next release.

This might be helpful for new users to linux.

I think there could be some kind of periodic check for open ports on the machine which are externally accessible. Judging by the forums, lots of people are experimenting with LAMP, and other services which will open ports. New users may not realize the implications of this, or may even forget that an application is listening on a given port.

Perhaps there could be some kind of weekly/monthly notification which pops up briefly as a reminder. This is similar in concept to logwatch, which sends email notifications about failed login attempts, among other things.

Personally, I would get tired of it pretty quickly, as I usually run netstat on regular basis to see what services are listening, but I am sure many are unaware about such information.

Caching of file information presents a security hole, performance hole, and a power sink for most users.

1. It is trivial to access meta information regarding the contents of encrypted partitions by simply gaining access to the caches stored by tracker, updatedb, and nautilus. Nautilus can be made smarter by simply using a directory local cache, and asking the user when permissions aren't available if home directory context caching is acceptable. Tracker and locate/updatedb should be disabled unless the user actually selects to enable them through some sort of administrative/package/add/remove type interface. When these things _are_ enabled it should be optional to use a ram based file system cache for this cached data which can not be swapped.

2. All three of these things are awful for performance when you don't need them (and most users don't with the exception of constrained nautilus caching). Furthermore, these components can access networked (samba/nfs/andrewfs/iscsi)/high latency (optical/usb)/limited lifetime (flash) devices. There is nothing that kills the throughput or interactivity of an interactive OS than this kind of random block device access.

3. These components should never be automatically run when the system is running from a battery (UPS or laptop). They all kill the battery life of every power hungry component (CPU/hard drive/chipset/...).

Nautilus file introspection is the worst possible performance sink, and should have some sort of check box in the GUI to be enabled/disabled (per directory?).


--- related security ideas include: ---
http://brainstorm.ubuntu.com/idea/7434/
http://brainstorm.ubuntu.com/idea/7436/

It would be nice if Ubuntu supported File POSIX Capabilities. It would be especially useful in the server edition, but also useful on desktop.

See here: http://www.friedhoff.org/posixfilecaps.html

Mark /dev, /etc, /lib, /proc, and /var as non-executable.

So that it will not be able to execute a file that resides in those directories, since those directories should never contain any executable files.

Also ~/.config should be non-executable.

This can increase security.

Is there any particular reason that I am not allowed to make passwords longer than 8 characters in the Remote Desktop settings menu? It just seems like a really silly and pointless restriction to me that could potentially weaken the overall security of the system by having a weaker than necessary password, and it should be removed.
Linux is supposed to be all about good security.

Deleting a file only removes the directory entry, but not the actual file.

This behavior is best for performance (and should remain the default). However, many programs create/delete *temporary* files which contain private data and can't be wipe'd by normal user space solutions.

The fastest and most reliable solution is to patch the kernel ext3fs driver to automatically wipe each deleted file (if this behavior is selected by the user via /proc).

This wipe/delete functionality could be seeded with a source/value (any eight bit value or /dev/urandom for example) combined with a number of passes. In addition to the obvious performance benefits vs. userspace solutions, having a journaling file system makes this important to implement at the kernel FS level. User space solutions (including glibc hacks) can't catch all of the temporary files.

--- related security ideas include: ---
http://brainstorm.ubuntu.com/idea/7434/
http://brainstorm.ubuntu.com/idea/7365/

Password management is central to security. In my opinion the best password management system is the open source KeePass Password Safe (keepass.info).

The linux port is already in the repository. The name is KeePassX (keepassx.org). The features are lacking compared to the windows version, but it is still a very functional program.

Improving KeePassX and including it as installed on default would be a very nice addition to Ubuntu.

Ubuntu server edition 8.04 has many security features _by default_, overall in kernel (http://www.ubuntu.com/products/whatisubuntu/serveredition/features/security)

Address Space Layout Randomisation, Stack protection, Heap protection, Non-executable memory, etc.

Please port these features to desktop edition for desktop users could enjoy too.