ITEM: F6243L

I do not want anyone to be able to ls in certain directories

Question:

I run a public access service and I want to be able to protect my users
identities.  I don't want anyone to be able to look at the passwd file
in order to find out the users identities.

Response:

First, change permissions on the /etc/passwd so that "others" cannot
cat the passwd file where userid's are listed.  Note that this will 
cause the users to be unable to use commands such as finger.

Next, change permissions so that the users cannot execute "who",
"rwho", or "w".

Now, the users could still find out the userids of others by doing:

ls /u

To prevent them from doing this, simply do:

chmod 711 /u

Now the users could cd to any directory such as their home directory,
but they would be unable to list the home directories of others.



Support Line: I do not want anyone to be able to ls in certain directories ITEM: F6243L

Dated: January 1994 Category: N/A

This HTML file was generated 99/06/24~13:30:51

Comments or suggestions?
Contact us