> Date: Wed, 8 Sep 2021 11:24:18 +0200
> From: jim hook <jimhook7475@mail.com>
> Thinking of that home dirs could be on a shared storage, that can be
> accessed by others and maliciously modify the ".profile", etc. files
> of the targeted user.
>
> ex.: "unset cd" would help, but any solution in general?
> Date: Wed, 8 Sep 2021 19:41:46 +0959
> From: Reuben ua Bríġ <u5644051@anu.edu.au>
> directory permissions. in code:
>
> for u in /home/*
> do chown "$u" "/home/$u"
> chmod go-w "/home/$u"
>
> which you should find is already the default.
> Date: Wed, 8 Sep 2021 19:50:26 +1000
> From: Reuben ua Bríġ <u5644051@anu.edu.au>
> oops, wrong code. i meant
>
> cd /home
> for u in *
> do set -- "$u" "$u/.profile"
> chown "$u" "$@"
> chmod go-w "$@"
> done
>
> assuming you have the usual directory set-up.
> a more general solution would involve parsing /etc/passwd
except that in general you should never do anything as root to files
under a directory owned by a user other than root, as that user could
replace the file with a symbolic link to some other file, and trick you
into modifying some important system file.
secure ways of doing basic stuff in obsd are... convoluted.
No comments:
Post a Comment