pbuttwordprotection of directory 895

On Saturday 15 April 2006 18:09, Marten Kemp stood up and spoke the following words to the mbuttes incomp.os.linux.misc...:

"Directory", not "folder"... ;-)

Normally, no user can access files in another user's home directory.

They can be, yes, and there are various mechanisms to further fine-grain the permissions someone has on a file or directory - which you should see entirely in the context of files and directories which are shared among users, and which therefore by definition should not be located in any particular user's home directory.

An example of such finegraining is the uppercase "X" permission, which gives users "x" permission - i.e. execute permission for files, traverse permission for directories - if the user belongs to a group of which at least one other member has "x" permission on that particular file or directory.

See...

man chmod

... for details. ;-)

Another method of fine-graining security is by using ACL's (Access Control Lists). Most of the GNU-Linux filesystems - i.e.ext3,-reiserfs,-reiser4andxfs,possiblyjfsas well - support them, but they have to be mounted with ACL's as a mount option.

It all depends on what you want to accomplish in terms of security. Perhaps you should also look into the SELinux project, which is a way to harden a GNU-Linux system even further, among other things by using ACL's.

-- With kind regards,

*Aragorn* (Registered GNU-Linux user #223157)