Default owners/permissions of files in user home directory

permissions home-directory

NO file in ~ has to be owned by root.

If a software requires that a file in your home directory be owned by another user, it is a bug and should be reported as such.

Other than that, a common case involves two security-related software that require restricted permissions on certain files, namely:

  1. SSH
  2. GPG

SSH

See man ssh, section FILES:

 ~/.ssh/config
     This is the per-user configuration file.  The file format and
     configuration options are described in ssh_config(5).  Because of
     the potential for abuse, this file must have strict permissions:
     read/write for the user, and not writable by others.  It may be
     group-writable provided that the group in question contains only
     the user.

 ~/.ssh/identity
 ~/.ssh/id_dsa
 ~/.ssh/id_ecdsa
 ~/.ssh/id_ed25519
 ~/.ssh/id_rsa
     Contains the private key for authentication.  These files contain
     sensitive data and should be readable by the user but not acces‐
     sible by others (read/write/execute).  ssh will simply ignore a
     private key file if it is accessible by others.  It is possible
     to specify a passphrase when generating the key which will be
     used to encrypt the sensitive part of this file using 3DES.

Other files like authorized_keys, known_hosts, etc. should be writable only by the user, but can be world-readable.

GnuPG

~/.gnupg (and contents) should be accessible only by you. With other permissions, GPG will complain about unsafe permissions.


In general files and directory in your home should be owned by you.
I have some strange root-owned files that are probably the result of executing sudo command; in fact there are programs that write things under $HOME (which well behaved programs requiring super-user privileges shouldn't do --- the effect is root taking ownership of files that should belongs to the user).
Normally deleting or re-owning them (depending on the file) does not create problems and often it solves some, like the infamous .Xauthority file --- and sometimes, after running sudo dconf-editor, you have things in configurations you can't modify anymore.

About special modes:

  • scripts must be executable, of course, at least to the owner;
  • so must be directories too (where x means right to cross);
  • .ssh must be drwx------ (0700) and the private keys in it -rw------- (0600)
  • if you have a Public directory for sharing, it should be probably drwxr-xr-x (read permission to anyone) or drwxrwxrwt (with write permission and sticky bit, for enabling writing).

... I can't think to anything more needing special treatment.

Related

Fresh Ubuntu 16.04 install, broken VMware Tools
How to start and stop VirtualBox guests via command line
Ubuntu bash functions..syntax error: "(" or "}" unexpected
Which theme is this and how to get it on Ubuntu 16.04?
A tool to get window dimensions
Ubuntu: show what keys are pressed in real-time [duplicate]
Optical Character Recognition software recommendations?
How Do I Use a Photos Directory as my Screensaver?
How to extract/mount Nero images (nrg)
How do I prevent Dropbox from being automatically added to the autostart list after launching it?
Delete files from trash after x days
What's the difference between 'sudo [command]' and 'sudo sh [command]?