Red Hat Bugzilla – Bug 87979
recommended way of enabling public_html exposes users' files in /home/user/
Last modified: 2007-04-18 12:52:45 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.4a) Gecko/20030403
Description of problem:
The docs for enabling public_html for user joeblow instruct, in part:
chmod o+x /home/joeblow
And, by default, user files are created o+r.
This combination allows anyone with a shell account to access the files in
It seems to me that RHL's default configuration should not lead to this result.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
follow RH's recommended procedure for enabling public_html directories
I forgot to mention that you'd have to know the name of a file in joeblow's home
directory in order to access it.
Which RH documentation are you referring to? The component has been changed to
rhl-cg, but the Customization Guide doesn't include this information.
i don't have them handy - maybe i was looking at some pre-upgrade docs - can you
tell me what the current recommended way of enabling public_html directories is?
Look for the UserDir directive.