Date: Sat, 27 Jun 1998 12:43:55 -0500 (CDT) From: Jeff Lynch <jeff@mercury.jorsm.com> To: freebsd-isp@FreeBSD.ORG Subject: Re: Homedir 'hiding' Message-ID: <Pine.BSF.3.95q.980627114211.22203B-100000@mercury.jorsm.com> In-Reply-To: <199806271542.LAA02817@bilver.magicnet.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 27 Jun 1998, Bill Vermillion wrote:
> >
> > > Try to 700 the parent directory (/home)
>
> > If you turn off read access to the world to home dirs, user
> > "nobody", will not be able to read public_html to dish out their
> > home pages.
>
> On a directory 'read' access means being able to list the
> directory. By having execute permission only on a directory you
> can read/execute files in that directory by specifying the path
> name to the file. If you type ls nothing happens. If you type
> ls <protected dir>/filename you will see the file. Wildcards don't
> work.
I stand corrected. Also note that execute perms for other is required
on:
/home
/home/username
/home/username/public_html
I seem to remember perms not working this well in my old ATT
System V R3 days. Perhaps it's just old age setting in. Thanks for
pointing it out. I just reset things on our end with:
find /home -type d -path "/home/*/public_html" -exec chmod o-rw {} {}/.. \;
And modified our home-brew newuser script to
chmod 751 /home/$userdir /home/$userdir/public_html
=========================================================================
Jeffrey A. Lynch JORSM Internet
email: jeff@jorsm.com Northwest Indiana's Full-Service Provider
Voice: (219)322-2180 927 Sheffield Avenue, Dyer, IN 46311
Autoresponse: info@jorsm.com http://www.jorsm.com
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.95q.980627114211.22203B-100000>