On Tue, 28 Dec 1999, Kev wrote:
> > If, for whatever insane reason, you don't want your users knowing anyone
> > else's home directory, you can remove world read perms from /etc/passwd,
> > and make /home mode 511. Not that anyone would recommend that...
>
> of course, removing world read perms from /etc/passwd would break so many
> things it isn't even funny. One of the things that would be broken would
> be the shell.
Indeed. This is getting offtopic, but please don't suggest things that
you haven't tried. Messing with permissions on files and directories that
are used by a lot of applications is a recipe for disaster, and very
rarely add any security.
Unix is designed for users who mostly cooperate with each other. If they
need to be kept totally in the dark on an aspect of the system (e.g.
other users, information in /etc/password), your best option is to set up
a chroot environment for each of them. Then you CAN completely control
what they see.
--
Mark Rafn dagon@dagon.net <http://www.dagon.net/> !G
Received on Dec 28 1999
Intro
