On Mon, Mar 11, 2002 at 03:16:33PM +0100, Stephane Gourichon wrote: > *it assumes that every entry in /home is always the homedir of a user. > While this is true in a vanilla lonely Mandrake system freshly installed > from scratch, it is wrong in many places. When the station is a node in > a cluster of machines sharing users, userdirs are often mounted from > other places, like: /home/teamname/username.
While this is probably too late for 8.2. Why don't we make msec do the following. Use getpwent to enumarte the passwd file and enforce permissions on home directories? And something similar for NIS and ldap users (I'm not sure if getpwent() returns these users)? This prevents hosing peoples setups but still achieves the security protections that msec is trying to achieve. -- Ben Reser <[EMAIL PROTECTED]> http://ben.reser.org What difference does it make to the dead, the orphans, and the homeless, whether the mad destruction is wrought under the name of totalitarianism or the holy name of liberty and democracy? - Ghandi