Quote:
Originally Posted by candyman123
chmod go-r /home
Won't this cause problems though? For example, if some of the users have personal webpages.
|
No, read permission (which allows listing) is not necessary. It is the execute permission which is the important one that allows access to contents.
But this doesn't really accomplish anything, since the list of users is stored in /etc/passwd and similar information is stored in other places.
Quote:
Originally Posted by candyman123
If I don't want other users going into other user's directories, can I safely apply:
chmod go-x /home/*
|
No, this
will prevent the web server from accessing it.
From what I understand you are trying to do, you probably want to give 701 permissions to all the home directories (chmod 701 /home/*), and make sure that all the users are in a "users" group, and have that "users" group be the gid of the home directories. That way the web server (which is not in "users") will still be able to access things in the home directories (but not list the home directory itself), and other users are denied all permissions.