From owner-freebsd-questions Sun Jan 31 12:17:04 1999 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id MAA14969 for freebsd-questions-outgoing; Sun, 31 Jan 1999 12:17:04 -0800 (PST) (envelope-from owner-freebsd-questions@FreeBSD.ORG) Received: from nyc-ny78-17.ix.netcom.com (nyc-ny78-17.ix.netcom.com [209.109.229.81]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id MAA14950 for ; Sun, 31 Jan 1999 12:16:49 -0800 (PST) (envelope-from spork@ix.netcom.com) Received: from localhost (spork@localhost) by nyc-ny78-17.ix.netcom.com (8.9.2/8.8.7) with ESMTP id PAA95512; Sun, 31 Jan 1999 15:13:38 -0500 (EST) (envelope-from spork@ix.netcom.com) X-Authentication-Warning: nyc-ny78-17.ix.netcom.com: spork owned process doing -bs Date: Sun, 31 Jan 1999 15:13:30 -0500 (EST) From: Spike Reply-To: sporkl@ix.netcom.com To: Morris Allen cc: freebsd-questions@FreeBSD.ORG Subject: Re: Upstream Access In-Reply-To: <006d01be4d50$e23689a0$c97391d0@moe-rc.vidnet.net> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG -----BEGIN PGP SIGNED MESSAGE----- On Sun, 31 Jan 1999, Morris Allen wrote: > Hi: > > I have been using FreeBSD for 3 years now. I just installed the new > version of 3.0. The question I have has to do with security access: > > As in Novel when you set the security attributes, the user can view and work > from his directory down. But he/she can not move upstream to look into > directories above his or hers. > > Can this be done with FreeBSD? If so what is the command and could you give > me instructions on how to do it. My problem is, my users are going into > other users directories. I have the attributes setup so they can not write > or erase, but they are playing in system areas as well as other areas that > they do not need access to even view. So in other words, I want them to be > able to get into their homepage files and to have the ability to have their > files viewed from the net, but I want them contained into their > /home/directory and not able to snoop, in directories above theirs. Advance > warning, I am still a novice in the great world of FreeBSD. Any file you do not wish to have other users accessing should have the proper permissions. For instance, you may not want users going in to /sbin. So, chown /sbin to root and chgrp it to wheel, and then remove the last "x" permission bit. That way, people who are not root and who are not in wheel will not be able to see the contents of /sbin. You seem to want to make most important directories on the system (including users home directories) not other-executable. > > thanks > Morris Allen > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message > > -Spike Gronim sporkl@ix.netcom.com The majority only rules those who let them. -----BEGIN PGP SIGNATURE----- Version: 2.6.3ia Charset: noconv iQCVAwUBNrS5a531G6IEwnwxAQGm4gP/RcwEYN/2V9fOfL7oQ7vWNO8lMptXsy0i fbuG/CQr8s811Vs0Eh/E2amed4Sd76ydr4XTspCCeUhGm9kEUoixV5Y6m2QUgKpe gdrN2NjHqkycZwoP6eOe0N+Xmc8K0caB1rW55UpY0SvBsgduBx96T0S41orHN3kh A+CpT1UMq1s= =+Xnb -----END PGP SIGNATURE----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message