From owner-freebsd-isp Sat Jun 27 13:49:09 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id NAA26597 for freebsd-isp-outgoing; Sat, 27 Jun 1998 13:49:09 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from ultra1.dreamscape.com (ultra1.dreamscape.com [206.64.128.7]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id NAA26572 for ; Sat, 27 Jun 1998 13:49:06 -0700 (PDT) (envelope-from swilson@mail.dreamscape.com) Received: from default (sA9-p11.dreamscape.com [207.198.13.203]) by ultra1.dreamscape.com (8.8.5/8.8.4) with SMTP id QAA18746 for ; Sat, 27 Jun 1998 16:49:03 -0400 (EDT) Message-Id: <199806272049.QAA18746@ultra1.dreamscape.com> From: "swilson" To: freebsd-isp@FreeBSD.ORG Date: Sat, 27 Jun 1998 16:48:09 +0000 MIME-Version: 1.0 Content-type: text/plain; charset=US-ASCII Content-transfer-encoding: 7BIT Subject: Re: Homedir 'hiding' References: <199806271542.LAA02817@bilver.magicnet.net> In-reply-to: Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > Date: Sat, 27 Jun 1998 12:43:55 -0500 (CDT) > From: Jeff Lynch > Reply-to: Jeff Lynch > To: freebsd-isp@FreeBSD.ORG > Subject: Re: Homedir 'hiding' > On Sat, 27 Jun 1998, Bill Vermillion wrote: > > > > > > > Try to 700 the parent directory (/home) > > > > > If you turn off read access to the world to home dirs, user > > > "nobody", will not be able to read public_html to dish out their > > > home pages. > > > > On a directory 'read' access means being able to list the > > directory. By having execute permission only on a directory you > > can read/execute files in that directory by specifying the path > > name to the file. If you type ls nothing happens. If you type > > ls /filename you will see the file. Wildcards don't > > work. > > I stand corrected. Also note that execute perms for other is required > on: > /home > /home/username > /home/username/public_html > > I seem to remember perms not working this well in my old ATT > System V R3 days. Perhaps it's just old age setting in. Thanks for > pointing it out. I just reset things on our end with: > > find /home -type d -path "/home/*/public_html" -exec chmod o-rw {} {}/.. \; > > And modified our home-brew newuser script to > > chmod 751 /home/$userdir /home/$userdir/public_html > > ========================================================================= > Jeffrey A. Lynch JORSM Internet > email: jeff@jorsm.com Northwest Indiana's Full-Service Provider > Voice: (219)322-2180 927 Sheffield Avenue, Dyer, IN 46311 > Autoresponse: info@jorsm.com http://www.jorsm.com > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message