What if I have each user's home directory as 700 and the contents with the default permissions? Is that ok/secure?
I have http(s), ftp, and ssh/telnet servers running. When an unprivileged user logs in to the shell server (and I've logged in as one and tried this), they don't have access to the other users' homes. Would this affect anything that might try to access the user's home directory (since other users have no r/w/x access)? Is this ok?
Also... since my server is public (to some degree, public meaning someone else other than *me* has access), do you think it is ok to let unprivileged users read/"ls" most of my file system? I know that you can lock the user in a chroot "jail" to their home dir (although I haven't got that to work). Or should I not bother, because since they can't change anything, just read it? Plus any sensitive data would be in my home dir, right?