Vulnerability Development mailing list archives
Re: ssh quirks...
From: dagon () DAGON NET (Mark Rafn)
Date: Tue, 28 Dec 1999 11:37:49 -0800
On Tue, 28 Dec 1999, Kev wrote:
If, for whatever insane reason, you don't want your users knowing anyone else's home directory, you can remove world read perms from /etc/passwd, and make /home mode 511. Not that anyone would recommend that...of course, removing world read perms from /etc/passwd would break so many things it isn't even funny. One of the things that would be broken would be the shell.
Indeed. This is getting offtopic, but please don't suggest things that you haven't tried. Messing with permissions on files and directories that are used by a lot of applications is a recipe for disaster, and very rarely add any security. Unix is designed for users who mostly cooperate with each other. If they need to be kept totally in the dark on an aspect of the system (e.g. other users, information in /etc/password), your best option is to set up a chroot environment for each of them. Then you CAN completely control what they see. -- Mark Rafn dagon () dagon net <http://www.dagon.net/> !G
Current thread:
- Re: BSD chfn bug, (continued)
- Re: BSD chfn bug Stanislav N. Vardomskiy (Dec 25)
- Re: BSD chfn bug Michal Zalewski (Jul 21)
- ssh quirks... Scott D. Yelich (Dec 26)
- Re: ssh quirks... Ryan Permeh (Dec 27)
- Re: ssh quirks... Scott D. Yelich (Dec 27)
- Re: ssh quirks... C.J. Oster (Dec 27)
- Re: ssh quirks... Blue Boar (Dec 27)
- Re: ssh quirks... Ralph the Wonder Llama (Dec 27)
- Re: ssh quirks... LaMont Jones (Dec 27)
- Re: ssh quirks... Kev (Dec 28)
- Re: ssh quirks... Mark Rafn (Dec 28)
- Re: BSD chfn bug Warner Losh (Dec 27)
- any user can make hard links in Unix Benjamin Elijah Griffin (Dec 21)
- Re: any user can make hard links in Unix Bennett Todd (Dec 22)
- A Bug in the Recently Released BetaFTPD0.0.8pre7 (fwd) Bubonic (Dec 21)
- Possible MultiNet FTP server DoS problem. CyberPsychotic (Dec 21)
- Re: Possible MultiNet FTP server DoS problem. Lisa Napier (Dec 23)
- MSIE print feature Anonymous Anonymous (Dec 24)
- procmail / Sendmail - five bugs Michal Zalewski (Dec 23)