hi oscar,
afaik, the DIRECTORY permission drwx--x--x would
permit you to go to that directory but you cant "see"
(r) or "write" (w) any files on it... however, if you
know a certain file exists there, though you cant see
it thru normal 'ls -l', you can "see" the file by
specifying the filename you know as argument.
cd /home/anotheruser
ls -l
** you will get permission denied or wont see anything
ls -l .bashrc
**since you know there would be a .bashrc there, the
command will show you that there is that file
existing there. dont confuse the "directory"
permission "x" with the "file" permission "x" ... they
are not the same.
for experiment, you can try 766 for /home ... with
that permission, you wont be able to go to the /home
directory. though "r" and "w" are defined, you wont be
able to write nor read anything on that dir because
you CANT get to it in the first place. doing ls -l
/home/user/.bashrc wont do you any good either. this
would show you the difference.
if you want people not to be able to see nor write
anything to that directory, the directory permission
should be 700... its equivalent to 766 (logically).
just sharing ...
dianne
--- Oscar <[EMAIL PROTECTED]> wrote:
> Hi all,
> Maybe it is a security issue, or may be I'm wrong.
> I'm running LM 8.2
> In msec 3 level ("more secure"), the folder
> permissions for /home/* is
> 711, in other words, drxw--x--x
> Then, as NOT root, I can do it, for example:
>
> *********
>
> [oscar@localhost oscar]$ cd /home
> [oscar@localhost home]$ ls
> oscar anotheruser
> [oscar@localhost home]$ cat anotheruser/.bashrc
> # .bashrc
> # User specific aliases and functions
>
> # Source global definitions
> if [ -f /etc/bashrc ]; then
> . /etc/bashrc
> fi
>
> *********
>
> I think it is not secure, because I can see any file
> of other users if I
> know the name of the file.
>
> Now I'm running in msec 4 level. But I think we can
> edit
> /usr/share/msec/perm.3, put here a more logical
> permissions, and re-run
> 'msec 3'
>
> I hope that this information will be useful.
>
> oscar.
> --
> .-.
> oo|
> /`'\ Usuario de Linux Registrado #227443
> (\_;/) http://counter.li.org/
>
>
> > Want to buy your Pack or Services from
MandrakeSoft?
>
> Go to http://www.mandrakestore.com
>
__________________________________________________
Do You Yahoo!?
Yahoo! Movies - coverage of the 74th Academy Awards�
http://movies.yahoo.com/
Want to buy your Pack or Services from MandrakeSoft?
Go to http://www.mandrakestore.com
