Disable view access on /home

**asmar** · 07-05-2007

Hello all,

I have a server where users are able to ssh on it under their /home directory but they are also able to cd/ls in any other /home/* directory and view other users files.
Can anyone point me how to remove that.
I need users to be able to read/write/view only their directory.

I can achieve that by doing a chmod 700 on users home directory but then I'm having troubles with Samba and LDAP.

Thanks

**devils casper** · 07-05-2007

remove read access from group and others.

Code:

chmod 700 /home/<user>

**IsaacKuo** · 07-06-2007

What sort of SAMBA and LDAP issues do you have with chmod 700? If you need some other users (like particular daemons) to have read access, then you need to learn about using groups.

You'll need to do something like:

addgroup homereaders
chmod 750 /home/*
chgrp homereaders /home/*

This will create a new group called "homereaders", and will give any members of the "homereaders" group read access to the home directories. Next, you'll need to edit /etc/group to add particular users to "homereaders"--a list of users seperated by commas on the "homereaders" line. Note that you do not need to add any regular users to the homereaders group; every regular user already has full access to his own home directory.

**devils casper** · 07-06-2007

Originally Posted by asmar

I can achieve that by doing a chmod 700 on users home directory but then I'm having troubles with Samba and LDAP.

well well !! i am pretty sure that you have added this line after my post.

Thread Tools

Display

Disable view access on /home

Posting Permissions