[redhat-lspp] /home at SystemHigh
George Wilson
gcwilson at us.ibm.com
Thu Feb 23 22:22:19 UTC 2006
It might make sense to default user directories created under /home to
SystemHigh to prevent leakages. Upgrading them might be the final step of
adding a user. Then polyinstantiated directories at the right levels for
logins at different clearances would be mounted over it. Why should /home
itself be SystemHigh?
Thanks,
George Wilson
IBM LTC Security Development
Linda Knippers <linda.knippers at hp.com>@redhat.com on 02/23/2006 02:16:47 PM
Sent by: redhat-lspp-bounces at redhat.com
To: Daniel J Walsh <dwalsh at redhat.com>
cc: redhat-lspp <redhat-lspp at redhat.com>
Subject: Re: [redhat-lspp] /home at SystemHigh
/home at SystemHigh also makes useradd not work. If the admin
is running at SystemHigh, its possible to create the home directory
but not update the passwd/shadow files. If the admin is running
at SystemLow, then its possible to update the passwd/shadow files
but not create the home directory.
Does /home need to be SystemHigh?
-- ljk
Daniel J Walsh wrote:
> Causes all Shell startup to fail.
>
> # bash
> bash: /home/dwalsh/.bashrc : Permission denied
>
> Looks like bash does a search starting at /home for its path. Gets a
> denied because it is not allowed to read SystemHigh.
> What should I do?
>
> Bash continues to work, but every login gets this nasty error and the
> .bashrc file is never read.
>
> Dan
>
> --
> redhat-lspp mailing list
> redhat-lspp at redhat.com
> https://www.redhat.com/mailman/listinfo/redhat-lspp
>
--
redhat-lspp mailing list
redhat-lspp at redhat.com
https://www.redhat.com/mailman/listinfo/redhat-lspp
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/redhat-lspp/attachments/20060223/845ab92a/attachment.htm>
More information about the redhat-lspp
mailing list