700 is fine as long as you don't want your users to have webpages. If you don't plan to allow them to have a website (or no one uses it but yourself), then you can have it set to 700. If you have the user as a member in the apache group, and have the directory owned by the apache group, then you can remove the execute permission from other (not sure what mode that is). Basically:
user part of apache group - can enter the directory, but not list anything. Even if they do know the specific name of a file in the directory, they won't be able to write to it unless it is both owned by the apache group and writable by the apache group (or has write permission enabled for other). user not part of apache group - cannot enter directory, can't list anything. If you want to keep websites enabled for your users, that's basically the best you're going to do, other than locking down any unneeded services. [root@server home]# su - mvirontest [mvirontest@server mvirontest]$ ls tmp/ [mvirontest@server mvirontest]$ cd .. [mvirontest@server home]$ cd mviron [mvirontest@server mviron]$ ls ls: .: Permission denied [mvirontest@server mviron]$ ls -al ls: .: Permission denied [mvirontest@server mviron]$ Michael Viron Project Manager / Primary Developer & Manager of Online Operations General Education Online At 02:42 PM 6/18/2002 -0700, you wrote: >content-class: urn:content-classes:message >Content-Type: text/plain; > charset="iso-8859-1" > >Mandrake 8.2 has a default security setting that leaves users' home >directories world readable. I just read that you can enter other user's >home directories and subdirectories and read the files. The Mandrake >msec level by default choice is Standard. If you chmod each user's home >dir to 700, upon reboot it reverts back to what it was before. If >setting are changed in the Mandrake Control Center from Standard to High >then users home dir is 711, 700 would be better though. Any thoughts? > >Want to buy your Pack or Services from MandrakeSoft? >Go to http://www.mandrakestore.com >
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
