On Thu, May 30, 2002 at 03:32:37PM +0000, Pollywog wrote: | On Thu, 30 May 2002 09:28:34 -0500 | "dman" <[EMAIL PROTECTED]> wrote: | | > To fix existing home directories, if they are all in /home/, | > | > chmod o-r /home/*
Oops, I forgot that the 'adduser' option sets the directories
group-readable as well. Make that command
chmod go-r /home/*
if you want to remove group-read permission (eg if multiple users have
the same primary group).
| > Note that you want the directories *executable* so that apache (for
| > example) can "cd" to ~/public_html/ for serving user's pages.
|
| Don't they need to be readable in order to be accessible to Apache?
(answered by Colin)
| I had my home directory o-r but sometimes certain programs could not
| read my user config files, so I had to make my /home/user directory
| o+r I had this problem with Procmail after installing Cyrus; it
| could not read my ~/.procmailrc
Was cyrus running as root or as your UID? How does cyrus look for the
file? (probably requires a look at the source) If it tries to list
the directory and then search that list for interesting stuff, then it
would need to be readable. I don't know what stat() requires, but it
probably doesn't need to read the directory. (IIRC stat() is often
used to check the existance of a file before opening it) Shell-like
globbing won't work because that requires listing (reading) the
directory. I would also expect procmail to be run as your UID or else
it's a security hole.
HTH,
-D
--
Who can say, "I have kept my heart pure;
I am clean and without sin"?
Proverbs 20:9
GnuPG key : http://dman.ddts.net/~dman/public_key.gpg
pgpTWvHJIRKcs.pgp
Description: PGP signature
