On Thu, 2004-08-05 at 18:16, [EMAIL PROTECTED] wrote: > Hi, > > I am learning a lot from this mailing list :). I have few shell users, i want to > restrict their shell login to their home directories. > > Like they should not be able to move around in the system and see other user's home > directories. > > Any suggestions would be usefull.
Hi, When you installed debian, you should have been asked "should home dirs be readable by others". If you answered no, then when new users are created, their home dir will automatically have permissions of rwx------, which means that no other user on the system can see their files. I believe this is even the default setting. [NB: perms of rwxr-x--- are also secure, provided each user has their own personal group setting]. If you answered "yes, home dirs should be readable by others" then when you added users, their home dir will be rwxr-xr-x, which allows others to see their files. This is often the default for "traditional" unix systems, like AIX. In this case, users (or you) can use chmod to make the home dirs unreadable. But generally, users *do* need access to the rest of the system. They need access to /bin, /usr/bin, etc or they won't be able to run even simple tasks like "cp", "more", etc. And unix is designed to allow users to access system dirs without any harm occurring. Note that users will be able to see that dirs /home/fred, /home/sue etc exist but won't be able to see anything in them if the permissions on those dirs are set appropriately. If you're really paranoid (and this can sometimes be healthy) you can look into something called "chroot", which means that when users log in, they get a special restricted view of the local filesystem. But this is a major pain to set up and administer. Only for the brave... Regards, Simon -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
