[Mageia-discuss] Home directory permissions
Jeff Robins
jeffrobinssae at gmail.com
Mon Dec 12 04:35:03 CET 2011
Johnny,
Thank you. I was able to alter the file and run "msecpaerms -e".
I noticed that a Mandriva System had the same settings, except for an
account that I added a long time after install, versus during the install.
--Jeff
On Sun, Dec 11, 2011 at 6:44 PM, Johnny A. Solbu <cooker at solbu.net> wrote:
> On Monday 12 December 2011 03:19, Jeff Robins wrote:
> > Can I safely change the permissions to '700'?
>
> Sure, but in a minute or so msec may revert the changes.
>
> I would change it in /etc/security/msec/perms.conf (Perhaps
> /etc/security/msec/perm.local can be used) and run msecperms afterwards.
> ===
> /home/* current.current
> 700
> ===
> Then msec will from now on automatically enforce the permissions to what
> you want.
> (Note: The spaces between the tree fields are TABs in my file, and not
> spaces. Also, "current.current" means that msec wont change the owner of
> files and folders. In /home/ you really don't want msec to automatically
> change ownership of files, or yourt users will be angry :-)= )
>
> To get a grasp of some of the currently forced entries and what you can
> do, look in the various config files in /etc/security/msec/.
> If you have the default security level, the *.standard are the files you
> want to look into. (I think) "*.local" overrides the default values.
>
> I use this to enforce customized access restrictions on a couple of
> programs, so the few users who have access to my gateway don't have access
> to telnet and nmap unless they are members of a special group that I've
> setup.
>
> --
> Johnny A. Solbu
> PGP key ID: 0xFA687324
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/mageia-discuss/attachments/20111211/b42a4d0b/attachment.html>
More information about the Mageia-discuss
mailing list