Hi all,
Maybe it is a security issue, or may be I'm wrong.
I'm running LM 8.2
In msec 3 level ("more secure"), the folder permissions for /home/* is
711, in other words, drxw--x--x
Then, as NOT root, I can do it, for example:
*********
[oscar@localhost oscar]$ cd /home
[oscar@localhost home]$ ls
oscar anotheruser
[oscar@localhost home]$ cat anotheruser/.bashrc
# .bashrc
# User specific aliases and functions
# Source global definitions
if [ -f /etc/bashrc ]; then
. /etc/bashrc
fi
*********
I think it is not secure, because I can see any file of other users if I
know the name of the file.
Now I'm running in msec 4 level. But I think we can edit
/usr/share/msec/perm.3, put here a more logical permissions, and re-run
'msec 3'
I hope that this information will be useful.
oscar.
--
.-.
oo|
/`'\ Usuario de Linux Registrado #227443
(\_;/) http://counter.li.org/
Want to buy your Pack or Services from MandrakeSoft?
Go to http://www.mandrakestore.com
