08-29-2006
Can I prevent a user from changing the permissions on their home directory.
Hello All,
I have a new HPUX system going into production and it will be used by 2 projects. One of the contract requirements is the 2 groups can not have access to the others work or data. I believe I have the system pretty well locked up using groups and permissions and selective mounting of RAID partitions. However the one problem I see that I can not figure out:
Is it possible to prevent a user from changing the permissions on their home directory?
If I set the permissions at 750 the other group can not access the files. However if the user/owner decides to change them to anything more laxed, like 755, then the other group will have access to any proprietary data.
I realize that changing the permissions will most likely be a deliberate act, but I do have a couple of user that are rather lax in following the rules.
Thanks in advance for your responses.
Dan L.
10 More Discussions You Might Find Interesting
1. UNIX for Advanced & Expert Users
So I need to change the permissions of my user account. I can
access the root account on the server, but don't know how to
change the permissions of my user account. I was advised to
try 'userconf' to see if I am part of a group, but I dunno how that works. ANyone who knows how to see the... (3 Replies)
Discussion started by: achink125
3 Replies
2. UNIX for Dummies Questions & Answers
I accidently reset the permissions of my /home/punkrockguy318 directory to root only. How can I get my punkrockguy318 permissions ( and all of it's contents) to be read/write accesable only to punkrockguy318 and root? (5 Replies)
Discussion started by: punkrockguy318
5 Replies
3. UNIX for Dummies Questions & Answers
Hi everyone.
My objective is to configure a Solaris 10 box as follows: There will be many simultaneous users connecting to it, and each of those users would automatically get a home folder.
For example, when I add user "Bob", the home folder would be /export/home/Bob
And for Mary, it's... (3 Replies)
Discussion started by: EugeneG
3 Replies
4. Shell Programming and Scripting
Hello All:
I have an LDAP server that is used for authentication. Now the home directory id set to : /export/home/user1 . But I am logging in to different machines Solaris, Linux. The problem is I want the home directory to change depending on the os version (e.g. /export/home/user1/linux). Can... (1 Reply)
Discussion started by: disturbe_d
1 Replies
5. UNIX for Advanced & Expert Users
My users home directory located in a RHEL 5.0 nfs server.
Client is ubuntu 8.1 using NIS for authntication anf NFS for automounting
home Directory on the client side.
I set 700 to the users home directory.
My problem here is some of the users change the mode, which result in leak of... (2 Replies)
Discussion started by: a_artha
2 Replies
6. UNIX for Dummies Questions & Answers
Hi, Im getting this annoying problem on file permission when I copy a folder to a mounted external directory. the files inside the copied folders become all executable. I tried to search for ways how to undo the permission over the web but to no avail.
tried this one but it doesnt change a... (2 Replies)
Discussion started by: ida1215
2 Replies
7. Solaris
Hi ,
on my Solaris 10 machine user's home directory ownership is being changed automatically to their UID. can any one please tell me whats the reason behind it .
users are there in /etc/passwd file . /etc/shadow file is also there along with nssswitch.conf file and there is no changes made to... (5 Replies)
Discussion started by: usernew
5 Replies
8. Shell Programming and Scripting
Hi could some let me know how to prevent user from changing his home directory.......
Thanks in advance.... (1 Reply)
Discussion started by: Revanth547
1 Replies
9. Shell Programming and Scripting
Hi could some let me know how to prevent user from changing his home directory.......
Thanks in advance.... (6 Replies)
Discussion started by: rahul547
6 Replies
10. UNIX for Advanced & Expert Users
Hi,
I have created a shared directory on /home, where all users on a certain group have read, write and execute permissions.
I did this using
chmod -R g+rwx /home/shared/
The problem is, when a particular user creates a directory within /home/shared, other users are not able to write to... (8 Replies)
Discussion started by: lost.identity
8 Replies
LEARN ABOUT FREEBSD
pam_chroot
PAM_CHROOT(8) BSD System Manager's Manual PAM_CHROOT(8)
NAME
pam_chroot -- Chroot PAM module
SYNOPSIS
[service-name] module-type control-flag pam_chroot [arguments]
DESCRIPTION
The chroot service module for PAM chroots users into either a predetermined directory or one derived from their home directory. If a user's
home directory as specified in the passwd structure returned by getpwnam(3) contains the string ``/./'', the portion of the directory name to
the left of that string is used as the chroot directory, and the portion to the right will be the current working directory inside the chroot
tree. Otherwise, the directories specified by the dir and cwd options (see below) are used.
also_root Do not hold user ID 0 exempt from the chroot requirement.
always Report a failure if a chroot directory could not be derived from the user's home directory, and the dir option was not specified.
cwd=directory
Specify the directory to chdir(2) into after a successful chroot(2) call.
dir=directory
Specify the chroot directory to use if one could not be derived from the user's home directory.
SEE ALSO
pam.conf(5), pam(8)
AUTHORS
The pam_chroot module and this manual page were developed for the FreeBSD Project by ThinkSec AS and NAI Labs, the Security Research Division
of Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 (``CBOSS''), as part of the DARPA CHATS research program.
BSD
February 10, 2003 BSD