On Tue, 2005-04-26 at 07:15 -0700, Randall R Schulz wrote:
Ken,
Read what I wrote. You'd have to enable execute permissions in all those leading directories for that to work. If you enabled execute _and_ read on those directories, then people could simply look at the directories and access those mail files.
But by all means, be as paranoid as you want. But you're much better off understanding how things work than applying some blanket "solution."
I fully understand how they work, I have working with unix/linux since 1989. The whole reason that unix/linux has been more secure than MS is because it restricted access to files only to the owner/root by default. The owner still has the ability to share their files to whomever they want but should not be the system default. Many places use linux as a server with many 100's of people having access. Now who do you trust? All I am saying is that this should -not be the system default. You can always run your home or personal at work machine they way you want. From a server stand point this is a no-no. How many people keep personal files in their home dir, most do. By default they are created 644 giving -anyone- the ability to view their private stuff without permission. -- Ken Schneider UNIX since 1989, linux since 1994, SuSE since 1998 "The day Microsoft makes something that doesn't suck is probably the day they start making vacuum cleaners." -Ernst Jan Plugge