Under linux, by default, when you add a new user, he has limited permissions. This is what you want.
To check what permissions user "joe" has on file (or directory) "filename", do the following :
first, determine what groups joe belongs to. To do that, type
It will return a (possibly empty) list of groups, like "joe : users cdrom audio video"
then, determine what ownership and permissions are put on file "filename". To do that, type
That will return something like
-rwxr-xr-x 1 joe users 1400 2005-03-15 11:24 filename
here you read that "filename" is owned by user "joe" and by group "users".
the sequence "rwxr-xr-x" tells you the permissions. The first 3 letters are the permissions of the owner (here joe), the 3 next letters are the permissions of every other member of the group (here the members of the group "users"), and the 3 last are the permissions of all other users.
r means read, w means write, x means execute for a standard file, and traverse for a directory.
You can also read that in a graphical file browser like konqueror.
If all your users have the same permissions as root, that's very, very bad !