On Wed Jul 02, 2003 at 05:12:13PM -0500, Praedor Atrebates wrote: > After I originally found that all users could see other user's home contents, > I tried first changing to security level 3. Someone else mentioned I could > set the home permission to 700. > > Both methods have screwed up my system and I can't seem to get it back even > though I switched to security level 2. My system is OK at the moment but > there will come a time (how long it takes is unknown as yet) when all of a > sudden, I cannot open konsoles, xterms, or start any app for that matter. > The perms on my home directory will change that will 1) prevent KDE from > working because it can't get write permissions to my home, and 2) kmail wont > be able to download/store email because it wont have write permission to my > ~/Mail directories. I have had to twice login as root and chown > praedor.praedor /home/praedor and set my home perm to 711, then 755. > > I restarted DrakConf and then went to Drakperms and set the security level to > 2 and made sure that /home/* was no longer editable and no longer 700 but > nevertheless I get this repetitious problem. > > What security level will allow users to actually USE their home directories, > window managers, etc, without problems but also prevent other users from > looking at the contents of their HOME dirs?
# msec 3 This is the level I always use. Any further tightening I do on my own. -- MandrakeSoft Security; http://www.mandrakesecure.net/ Online Security Resource Book; http://linsec.ca/ "lynx -source http://linsec.ca/vdanen.asc | gpg --import" {FE6F2AFD : 88D8 0D23 8D4B 3407 5BD7 66F9 2043 D0E5 FE6F 2AFD}
pgp00000.pgp
Description: PGP signature
