Re: [K12OSN] How can I hide other /homes?

Hmmm...I don't know if that can be done, but here's a rough approximation, taught to me years ago by a grizzled old UNIX admin at the University of Washington.

You chmod /home to 711 and set ownership to root.  The individual subdirectories (say, /home/student1, /home/student2, etc.) are set to 700.  What this does is put "execute" permission on the directory.  You've got to have that to traverse the directory; "read" permission won't cut it.  Unlike on Microsoft operating systems, "traversability" is a separate thing from "readability", and neither implies the other.  This "execute only" setting lets folks traverse directories without seeing what's underneath them.  That is, they won't be able to see which directories are in /home, but student2 can "cd" to /home/student2, or put "/home/student2" in the Konqueror or Nautilus file manager (or whatever file manager you use for dir. browsing).  student2 still has full control of /home/student2 and can import things from OpenOffice.org.  By default, OpenOffice.org looks in the u ser's home directory (in this case, /home/student2), so no directory traversal from /home even needs to happen in the scenario you're describing below.

I used a similar scheme to set up an "upload-only" directory on a public FTP server.  Worked like a champ.

You get the very similar behaviour, BTW, on Windows NT domains when giving all users "hidden" shares, that is, putting a dollar sign ($) at the end of the share name (say, \\SERVER1\student2$).  Still accessible, just doesn't show up in Network Neighborhood.

Not exactly what you were looking for below, but hopefully it helps.


On Thu, 2003-10-02 at 20:29, David Trask wrote:
Ok....now that I've gotten all the home dirs on my Samba/LDAP box
"chmod-ed" to 700....I'd like to find a way to hide them from
everyone...except that the logged in user will see only his/her own home
folder.  This would come in handy with OpenOffice when the kids try to
import graphics from their home folder....other wise they have to scroll
through everyone elses...I'd like it so they can only see theirs....any

David N. Trask
Technology Teacher/Coordinator
Vassalboro Community School
dtrask vcs u52 k12 me us

