Re: Disallow other users from reading my $HOME
- From: green <greenfreedom10@xxxxxxxxx>
- Date: Wed, 6 Jan 2010 16:40:55 -0600
Ken Teague wrote at 2010-01-06 15:59 -0600:
On Wed, Jan 6, 2010 at 1:30 PM, green <[1]greenfreedom10@xxxxxxxxx> wrote:
For files that already exist, I would use
u=rwX,g=rX,o=
I do not know how that translates to the number.
Note that will leave execution bits on non-directory files that already have
them for some user.
I use umask 0027 so that new files have permissions -rw-r-----.
In his original e-mail, Mr. Cohen is looking for permissions so that other
users can not read or access his data. Correct me if I'm wrong, but that
pretty much leaves us with mode 700, umask 077.
Hmm, you are correct. I carelessly assumed that (1) any files owned by groups
other than his personal group (owned by other than user:user), and (2) any
users in his personal group, were that way for a reason.
But he probably doesn't want all his files marked as executable.
$ umask 0077
$ touch abc
$ ls -lh abc
-rw------- 1 user user 0 2010-01-06 16:36 abc
$ chmod 700 abc
$ ls -lh abc
-rwx------ 1 user user 0 2010-01-06 16:36 abc
So I change my suggestion to
u=rwX,g=,o=
Is that possible with numeric form (the execute bit)?
Attachment:
signature.asc
Description: Digital signature
- Follow-Ups:
- Re: Disallow other users from reading my $HOME
- From: Ken Teague
- Re: Disallow other users from reading my $HOME
- References:
- Disallow other users from reading my $HOME
- From: Dotan Cohen
- Re: Disallow other users from reading my $HOME
- From: green
- Re: Disallow other users from reading my $HOME
- From: Ken Teague
- Disallow other users from reading my $HOME
- Prev by Date: Re: Disallow other users from reading my $HOME
- Next by Date: Re: Disallow other users from reading my $HOME
- Previous by thread: Re: Disallow other users from reading my $HOME
- Next by thread: Re: Disallow other users from reading my $HOME
- Index(es):
Relevant Pages
|
