On Wed, 2 Jul 2003, Vox wrote: > On September 1993 plus 3591 days Praedor Atrebates wrote: > > > -----BEGIN PGP SIGNED MESSAGE----- > > Hash: SHA1 > > > > After I originally found that all users could see other user's home contents, > > I tried first changing to security level 3. Someone else mentioned I could > > set the home permission to 700. > > > > Both methods have screwed up my system and I can't seem to get it back even > > though I switched to security level 2. My system is OK at the moment but > > there will come a time (how long it takes is unknown as yet) when all of a > > sudden, I cannot open konsoles, xterms, or start any app for that matter. > > The perms on my home directory will change that will 1) prevent KDE from > > working because it can't get write permissions to my home, and 2) kmail wont > > be able to download/store email because it wont have write permission to my > > ~/Mail directories. I have had to twice login as root and chown > > praedor.praedor /home/praedor and set my home perm to 711, then 755. > > > > I restarted DrakConf and then went to Drakperms and set the security level to > > 2 and made sure that /home/* was no longer editable and no longer 700 but > > nevertheless I get this repetitious problem. > > > > What security level will allow users to actually USE their home directories, > > window managers, etc, without problems but also prevent other users from > > looking at the contents of their HOME dirs? > > Uhm...I use msec3 always, on all machines, and never have problems > using any apps...I think you messed up the perms in drakperms in > some way. What I *have* noticed a couple of times (not tried > lately...this happened in the 8.x days) is that if you go from a > higher level to a lower level of msec, some perms do get messed up > and you have to fix them by hand before msec will start listening to > you again. But that happened both times going from 5 to 3, and the > problems you are referring to are not problems that I can relate to > 3 in any way. > > Vox > >
I use msec 4, with a few custom tweaks. I've never* had any problems (with using apps, any way). All my homedirs are 700. *Unless you consider that promiscuous check a problem. That crazy thing would always spam my logs until I finally figured out how to disable it for good. Also a few of the other directories were mod'd to some annoying level, but I fixed them in the perms file. -- -chort AKA Brian Keefer The thoughts I express are generally piped from /dev/random, needless to say they do not represent my fine employer: CipherTrust, Inc - www.ciphertrust.com
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
