Ankush Grover wrote:
On 8/10/05, Paul Howarth <paul@xxxxxxxxxxxx> wrote:
Ankush Grover wrote:
hey friends,
Can anyone tell me how to disabling viewing any user's home directory
contents or any directory contents from the browser.
If I do file:///home/user on the browser and then I can see the
contents of that user's home directory ,even any user can see the root
or any other user's directory.I want to avoid this ,how can i disable
this on my computer. I am using FC3.
But it is a secruity breach.I can't read the files normally as the
chmod is 770 on users /home/user but through browser I can read the
files.
You can read the files in a browser as a regular user that you can't
read just using "ls" in a terminal? If that's true then it is indeed a
security issue.
I did change the settings on home
chmod -R 700 /home/*
This will have made every file under /home executable. Is that really
what you wanted?
Now users can't view the other user's home directory through browser.
chmod 750 /home/*
or
chmod 770 /home/*
should also work, provided the home directories are set up the in
regular Red Hat/Fedora way, i.e. each user has their own group and their
home directories have the users' own group IDs.
Unix/Linux is designed to be open in this way. Regular users are
supposed to be able to read most directories and files.
If you want to stop users being able to access each other's home
directories, just make the home directory permissions 750 or 770.
If i change home directory permission to 750 and 770 then normal users
can't login it.
Sorry, I meant the permissions of each user's home directories, not the
/home directory itself.
Paul.
