Red HatThis forum is for the discussion of Red Hat Linux.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
I've taken off rwx permissions for other users on the whole file system, thinking that, in order to make the system "more secure", a good starting point will be to remove those permissions and add them where I see they're required.
What I didn't anticipate was the extent of where they're required. So I've had to set rx permissions for other all across the file system again, which I think aint good.
Are there guidelines for what's good practise for certain directories? Or is it ok to have rx on the whole file system? If not, which sections should they not be on?
If you are concerned about security on your file system, are you worried about from people in your home, on your computers, or over the internet? The permissions (as far as I know) will only apply to home network users.
In other words, I don't think you will "secure" yourself from anyone else, if you are the only user at home by changing permissions.
I don't have a solid grasp of the permissions yet either, as I wanted to open up all of my permissions downstream of my home dir, so my other user could access our common files. Well this caused many problems, and GNOME didn't even load. I went back and deleted my user name, and re-installed me, to re-assign the permissions.
So I probably haven't helped you at all, but I'm sure you will get help, these people on here are very quick, and very good!
What xjphil says is quite correct. Some sections/directories (like /dev) need to have rw perms for every user (since thery are devices) and others like /root wont be even seen by any other user, the x permision on the directory is set to only be usable by root. If you are concerned about personal data, just make sure the directories where these data are stored are set to the octal number of 0700, this menas that you, the owner of the files will have full access to them, but leave out every other user on the system (excluding root, of course!). If you don't even want to let other users (including you) from even viewing system configuration files (at /etc) you can set the permisions (to the files not the directory) to 700 as root (otherwise some programs won't be able to even run). A good place to look for info on this would be to go to the Linux Documetation Project's web page at www.tldp.org, and so some searches on google.