Muli Ben-Yehuda wrote:
>
> On Mon, Apr 29, 2002 at 08:16:11AM -0400, Daniel Pearson wrote:
> > On Sun, Apr 28, 2002, Muli Ben-Yehuda <[EMAIL PROTECTED]> wrote the following:
> > > ObLinuxTriviaQ: Using one standard unix command, hide a all of the
> > > files in a single user's home directory, so that they will be totally
> > > inaccessible until the admin decides otherwise. Answers on or off
> > > list, as you wish.
> >
> > chmod 0000 /home/baduser
>
> No, not good enough. If the luser is still logged in, he can chmod(1)
> the directory right back.
IMHO the chmod is right on track, when combined with 2 other things.
1. Make sure the user is logged off. Why he should be left on if he is so
bad is a puzzle to me. (ps -axu | grep <user> .......)
2. Make him unloginable. Some options include "passwd -l", replacing
password in /etc/passwd and /etc/shadow with "NO-LOGIN", etc.
Or to be mean, change his login shell to /bin/false
3. The really paranoid can also "chown 0.0 /home/<user>".
4. The really, really paranoid can:
"find /home/<user> -type d -exec chmod 000 {} \;"
Geoff.
--
Geoffrey S. Mendelson
Bloomberg L.P., BFM (Israel) 2 hours ahead of London, 7 hours ahead of New York.
Tel: 972-(0)3-754-1158 Fax 972-(0)3-754-1236 Email: [EMAIL PROTECTED]
=================================================================
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]
