iB::Topic::Set permission to NO browse out of /home directory

	Damn Small Linux :: Damn Small Linux Board The DSL Forums

» Welcome Guest
[ Log In :: Register ]

Damn Small Linux Board » Damn Small Linux » Other Help Topics » Set permission to NO browse out of /home directory

		Mini-ITX Boards Sale, Fanless BareBones Mini-ITX, Bootable 1G DSL USBs, 533MHz Fanless PC <-- SALE $200 each!
		Get The Official Damn Small Linux Book. DSL Market , Great VPS hosting provided by Tektonic

Pages: (3) </ 1 [2] 3 >/

[ Track this topic :: Email this topic :: Print this topic ]

Topic: Set permission to NO browse out of /home directory, Can this be done?

< Next Oldest | Next Newest >

AwPhuch

Group: Members
Posts: 1404
Joined: April 2004

Posted: Jan. 24 2006,23:56

in frugal mode you could chmod -R 700 the /home directory, this will eliminate anyone from being able to view anyone elses directories

Brian
AwPhuch

--------------
http://www.frappr.com/dsl <-- Where do you use DSL?
http://www.smoothwall.org <-- Ultimate firewall for the world!
http://boinc.mundayweb.com/one/stats.php/userID:6107 <--My BOINC stats!
./S99LinuxRevolution start

mikshaw

Group: Members
Posts: 4856
Joined: July 2004

Posted: Jan. 25 2006,02:16

It does not, however, restrict the user to a single directory.

In the DOCUMENTATION of betaftp, there is a bit about the rights file, which sounds to me what you need.

Quote

The `.rights' file is laid out as follows:

privilegied.file rw-r----- 0 1
(filename) (rights) (uid) (gid)

For any file not in the list, the special case `.default' is checked. If there
is no such file, _no access is permitted_, and the file will _not show up in
directory listings_. This is in fact handy in most cases, so be careful with
adding a `.default' entry. (Note that `.rights' is never influenced by a
`.default' entry, for security.)

For directory permissions, the file `dir/.rights' is checked for the entry `.'.
Yes, I know, treating them like normal directories would be great, but
remember that there is a root directory as well...

The rights are standard r, w and x for now, no setuid, setgid or sticky bit
unless we really need it. (We could perhaps need the sticky bit later.) Be
careful with the format of the `.rights' file, as everything you set in the
rights column will be copied directly to listings. Restrict yourself to
those 9 characters, no more, no less, and only use r, w, and x.

--------------
http://www.tldp.org/LDP/intro-linux/html/index.html

icpeanuts

Group: Members
Posts: 32
Joined: Jan. 2006

Posted: Jan. 25 2006,05:39

I read the infomation. I still do not understand how you can use it. Can you explain how/where I can edit/put the file to limit user browsing out of home dir?

Thanks.

mikshaw

Group: Members
Posts: 4856
Joined: July 2004

Posted: Jan. 25 2006,14:49

I'd have to test it out in order to say for sure, but perhaps an entry ".." might control users' access to higher directories. I'm pretty sure the .rights file goes into the directory to which it applies.

--------------
http://www.tldp.org/LDP/intro-linux/html/index.html