> drwxr-xr-x 7 nobody home 4096 Mar 13 11:15 > /home/sites/home > > to > > drwxr-xr-x 7 admin home 4096 Mar 13 11:15 > /home/sites/home > > (Command chown -R admin home)
That won't help the fact that the directory is still set world-executable and world-readable. The problem depends on as which user your web server runs after it's started in rc?.d If that user is in group 'home', then you can safely change your directory to be non-world exe / read and not fear other people cd'ing into it. If the effective userid of the web server is *not* in group home, then doing that chmod will prevent no only user alfred1 from cd'ing into it and/or reading files therein, but also prevent the web server from doing the same. This is probably not what you want to do. tim -- Mechanical Engineers build weapons. Civil Engineers build targets. _______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
