On Tue, 16 Sep 2003 02:19:16 -0500
"Matthew S. Hallacy" <poptix at techmonkeys.org> wrote:

> Do you trust every single program you run to not set a file g+rw? The
> issue isn't readable home directories, it's readable files, bad umask,
> and naughty programs that write group read/write-able files.
> 

Here's what happens when a standard user on my Slack box tries to do an ls within another's home directory with files/subdirs that are set as 777:

sfertch at ttkd:~$ cd ../shawnf
sfertch at ttkd:/home/shawnf$ ls
/bin/ls: .: Permission denied

Here's the home directory permissions:

sfertch at ttkd:/home$ ls -al
total 29
drwxr-xr-x    5 root     root         4096 Aug 18 10:59 ./
drwxr-xr-x   22 root     root         1024 Jul 22 07:37 ../
drwx------    2 root     root        16384 Feb 22  2003 lost+found/
drwx--x--x    8 sfertch  users        4096 Mar 25 08:33 sfertch/
drwx--x--x   21 shawnf   users        4096 Sep 16 05:16 shawnf/

I'm not saying which is right, or which is wrong.  I'm saying that this works for me, and I don't mind.  Again, I don't keep critical personal information on my systems.  If I need to set tighter security I will on the homedirs.

-- 
Shawn

  The difficult we do today; the impossible take a little longer.

  Ne Obliviscaris --  "Forget Not"

_______________________________________________
TCLUG Mailing List - Minneapolis/St. Paul, Minnesota
http://www.mn-linux.org tclug-list at mn-linux.org
https://mailman.real-time.com/mailman/listinfo/tclug-list
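
An added example, not part of the original post: a small audit that ties the two points in this message together. A home directory with mode 711 (drwx--x--x) refuses `ls`, but any file inside it that carries group/other read or write bits can still be opened by anyone who knows its exact path. The function names, the file names and the sample tree are assumptions constructed for illustration.

```python
import os
import stat
import tempfile

# Per class: the bit that lets it traverse a directory, and the bits that let it read/write a file.
CLASSES = {
    "group": (stat.S_IXGRP, stat.S_IRGRP | stat.S_IWGRP),
    "other": (stat.S_IXOTH, stat.S_IROTH | stat.S_IWOTH),
}

def exposed_files(home, cls="other"):
    """List regular files under `home` that `cls` can open by exact path.

    A directory with x but no r (e.g. 0711) cannot be listed, yet entries
    inside it can still be opened by name, so the listing denial alone does
    not protect files that carry r/w bits for that class.
    """
    x_bit, rw_bits = CLASSES[cls]
    found = []
    for dirpath, dirnames, filenames in os.walk(home):  # top-down walk
        if not os.lstat(dirpath).st_mode & x_bit:
            dirnames[:] = []   # not traversable: nothing below is reachable
            continue
        for name in filenames:
            path = os.path.join(dirpath, name)
            mode = os.lstat(path).st_mode
            if stat.S_ISREG(mode) and mode & rw_bits:
                found.append((os.path.relpath(path, home), oct(stat.S_IMODE(mode))))
    return sorted(found)

def build_demo(root):
    """Constructed sample tree: a 0711 home like the listing in the post."""
    home = os.path.join(root, "shawnf")
    os.makedirs(os.path.join(home, "closed"))
    for rel, mode in (("notes.txt", 0o777), ("private.txt", 0o600), ("closed/draft.txt", 0o666)):
        path = os.path.join(home, rel)
        open(path, "w").close()
        os.chmod(path, mode)   # explicit chmod, so the result ignores umask
    os.chmod(os.path.join(home, "closed"), 0o700)
    os.chmod(home, 0o711)
    return home

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for rel, mode in exposed_files(build_demo(tmp), "other"):
            print(mode, rel)
```

Run it as the owner of the home directory (or as root), since it only inspects mode bits and needs to be able to walk the tree itself.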