[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

RE: Why can't I?

I totally agree.  I have been involved with Novell for several years, and
their default policy when creating a user is that they cannot see anything
other than their home directory.  It does make setting up a little harder,
but then isn't that why the idea of groups was invented?

Accounts group can only look at accounts files
Sales group can only look at sales files

I haven't been using Linux for all that long, and I have a long way yet to
go, but isn't this the reason for groups in Linus as well ?  We go to great
lengths to try our best to keep out intruders.  Why make it easier for them

The normal users on a system are generally not the problem.  It is the
curious ones who like to fiddle, and giving them less to fiddle with
inevitably leads to less damage and less work for the admin.


-----Original Message-----
From: Nick [mailto:nick@glimmer.demon.co.uk]
Sent: Wednesday, June 06, 2001 6:13 PM
To: debian-user@lists.debian.org
Cc: Auke van der Gaast
Subject: Re: Why can't I?

On Wed, 13 Jun 2001 16:40:56 +0200, "Auke van der Gaast" <deflect@chello.nl>

> I'm trying to restrict users' access to only their home dir
> (I don't want them to be able to see or reach / or even /home )
>     I've already wasted half a day on just that, I'd really appreciate
> it if anyone could tell me what to do.

I'd hate to see this thread to die without chucking my 2p into the pot (this
is just for fun, OK ?) :  what Auke asks is a perfectly *reasonable* thing,
but (as other posters have pointed out) unfortunately not generally
considered a good idea on Unix.

Auke's suggestion is in perfect accord with the generally accepted best
practice security stance : whatever has not been explicitly allowed should
be implicitly denied.  It's a variation of security through obscurity, and
as such is usually deemed as being of little absolute value by security
geeks because a determined & competent attacker will not be slowed much by
it ... but it still helps.

My personal opinion is that the multiple users of a system should never be
able to even detect the existence of what each other has (never mind see the
content) unless the owner has granted that permission.

And they shouldn't be able to *list* the contents of system software areas
at all, even if they're allowed to *execute* them.

However, in my experience the only systems that actually deliver that
possibility have been the mainframe operating systems I used to work on.


Reply to: