Am Samstag, 18. Januar 2014, 19:12:18 schrieb Bob Proulx: > Unix-like systems have been multiuser machines forever. Personally I > create accounts for people often and know that the file permissions do > their job to keep people restrictions presented. If I have files that > I don't want other people to see then I chmod those files to prevent > other people from seeing them. This really does work well. Yeah. I would just protect my home directories. As far as I looked everything sensitive thats installed into /etc via packages is protecting suitable. Like /etc/shadow for example. So I personally wouldn´t care if the user can peek around in the system a bit. My SSH server configuration is no business critical secret for example. Actually I have created a user for someone who I tought some Linux stuff so he can have a little server access. He has a mail account and SSH access as a user. I told him should he really find a hole to tell me, instead of abusing it. And the rest is confidence in the permissions system, in installing latest security updates and last but not least in the integrity of the user – knowing that there is no 100% guarentee. But then if I install a Wordpress and grant other users access and there is a security hole… one may also gain access to things I did not intended him or her to see. -- Martin 'Helios' Steigerwald - http://www.Lichtvoll.de GPG: 03B0 0D6C 0040 0710 4AFA B82F 991B EAAC A599 84C7
Attachment:
signature.asc
Description: This is a digitally signed message part.