Paul Smith <phhs80@xxxxxxxxx> writes: > On Sat, Jul 13, 2013 at 3:47 PM, lee <lee@xxxxxxxxxxxxxxx> wrote: >>> chmod 755 /home >>> >>> But what about >>> >>> /home/psmith >> >> It depends on what you want. There is some tradition that home >> directories are readable for everyone and writable for their owners >> only. It may be a good idea to make them readable for their owners only >> --- or a bad idea like when you're exporting directories in homes >> through apache (which I think is a very bad idea). >> >> In case you have users in groups that need to access someones home >> directory, you may want to allow group access. When you have convoluted >> requirements, you may want to use ACLs to accomplish what you need ... > > Thanks, Lee. I have done the following: yvw :) > chmod 755 /home > chown psmith /home/psmith > chmod -R u=rwx,g=,o= /home/psmith > > I hope those have left my system secure! I'd be wondering what 'g=,o=' actually does. You may want chmod u+rwx,go-rwx /home/psmith and you probably do *not* want to set all files in /home/psmith to be executable for their owner like you set them with '-R u=x'. Be careful with chmod. About twenty years ago when I had my first Linux installation, I messed it up with chmod when I wanted to edit some files and it won't let me. I decided to re-install because all the permissions were messed up and some things didn't work anymore. That has been the only time I actually had to re-install a Linux distribution, except for when switching from i386 to amd64. Talk about reliability ... BTW, iirc there's also some settings for shells like bash that specify the default mode to use when creating files which you may want to look at. -- Fedora release 19 (Schrödinger’s Cat) -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
