Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Introduction to Linux - A Hands on Guide
This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter.
For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own.
Click Here to receive this Complete Guide absolutely free.
I am new to Linux and I need some help on user accounts. I would like to create an account for a friend of mine with just read acess to directories. I have created the user with the utility Webmin but I can't find an area to specify any types of permissions/privledges. I logged in with the account I created for him and it basically gives him root access. It allows him to delete files/dirs ctc. Any help would be greatly appreciated.
Well it is very weird but in order to connect to our home comptuers from behind our work firewall, we must first use SecureCRT to connect to a linux box and then configure port forwarding within SecureCRT. I was hoping there was a way to lock him in his home directory and don't want to give him the ability to navigate to other dirs...
Well that would be the problem I guess ......I bet you can already guess my next question...LOL.....I logged in with his user and he is able to navigate to my home directory. Any idea how I can set the rights on my home diretory so I can only view it?
Well since I assume you want Apache to be able to get to /home/jeff/public_html but not your friend. Off the top of my head you have two options.
1) Give the Apache's primary group access to your home directory (chgrp www-data /home/jeff and chgrp -Rf www-data /home/jeff/public_html) and then remove access from 'other' (chmod -Rf o-rwx /home/jeff).
2) Leave the ownership the way it is and just restrict your top level home directory. Apache just really needs execute permission on the directories leading up to public_html to be able to get into it, so you could run "chmod o-rw /home/jeff" and whenever someone tries to get a file list from /home/jeff they'll get Access Denied. But if they know that public_html exists, they can still get to it.
i believe that you're trying to do all of this from a command line? or are you using a browser interface?
if you're using a command line, and/or a browser you can just set up acls, access control lists. if you're using reiserfs then you're going to have to rebuild your kernel to support it, if you're using ext3 or xfs then it's in there all ready.
you won't have to play with your apache settings for this.
also if you're using apache to see your /home/user files, then you have a big security hole in the first place.