Peter, et al -- ...and then Peter Evans said... % % [Look, I'm a newbie, OK?] No problem. We like newbies :-) % % My computer -- SuSE 8.2 (and no other OS), for exclusive use by me -- is % totally unsecured. It's lucky that I don't keep my credit card numbers % on it. But I do keep other numbers on it, so. . . . Besides, there's a principle here! % % Today I finally ran out of excuses for not using chmod (or similar). % Rather than attempting to make some sweeping change, and therefore % perhaps messing up in grand style, I wandered down close to a few minor % twigs of a directory tree of stuff (XyWrite and text files, mostly) Excellent plan. % imported from my old 'Doze system, and typed % % chmod -v -R 600 * Heh. % % I quickly discovered the mistake there: a subdirectory has to be % executable. Thus I had to follow up with Yep :-) % % chmod 700 subdirectoryname OK. % % The Linux guides I've looked at -- quite a pile of them! -- are keen to % explain how to use chmod for this or that file, but don't talk % explicitly about trees that may include thousands of files. None of the A good concept to understand is 'recursion'. It comes up in *NIX all of the time. The nice thing about understanding it is that you suddenly understand the process for trees with thousands of files :-) % stuff in this tree is for the eyes of anyone other than me and my good % friend Mr Root. I can't see anything wrong with going to the top and typing % % chmod -R 700 * % % but I find something aesthetically (?) displeasing about "executable" % text files. Ewww. Ick, indeed. % % Well, I've started by going to /home and, since I'm "peter", typing % % chmod 700 peter % % Is that enough? (I doubt it.) If not, what's the recommended procedure? To keep people out? Yep. Nobody except root and you can get through that bottleneck, so unless you hardlink a file out to an open tree you should be fine. [Anyone who can hack his way in through that single point will also be able to see past any other permission barriers you erect, so worrying about what's below isn't particularly important.] % % (I do realize that there are many other major security considerations as % well, but I'm not asking for a potted guide to Linux security. For now, % just permissions.) Good enough. A good place to start is the chmod man page, accessed by man chmod and excellent reading. [In fact, although some people decry man pages and even I have occasional trouble with the sed man page, they are usually quite straightforward and VERY informative. It's a shame GNU has abandoned man for their texinfo garbage.] In it you'll find a discussion of symbolic modes (letters of permission groupings) versus absolute modes (the numbers you used above). In particular, I'm surprised nobody has mentioned the X bit settings; it's perfect for recursing down trees. HTH & HAND :-D -- David T-G * There is too much animal courage in (play) davidtg@justpickone.org * society and not sufficient moral courage. (work) davidtgwork@justpickone.org -- Mary Baker Eddy, "Science and Health" http://justpickone.org/davidtg/ Shpx gur Pbzzhavpngvbaf Qrprapl Npg!