Restricting users to their own home directories / not letting users view other users files...?

[A. Wright]

On Wed, 11 Feb 2009, Keith Palmer wrote:

> What if I symlinked each home user's public_html directory to a directory
> readable only by Apache? Would Apache be able to read the destination
> directory via the symlink, even if it doesn't have permission to access
> the destination directory?

You can do something like this easily.

Assuming you have access to the Apache config, you can setup Apache
to look in a location other than /home/${USER} for the public_html
directories.  Let us call this /web/${USER}.  If you create a
directory here for each actual user, and create a user-owned
public_html directory within it, then you can make your symlinks
from the "real" home directory to this location.  Apache can happily
operate on the assumption that ${HOME} for each user is /web/${USER}.

Look for UserDir in the Apache config httpd.conf (for 1.3) or the
httpd-userdir.conf file (for 2.2).


> Is there really no better way to do this...?!?

Even easier is to simply set the default umask for your users (say
to 077) in the system-wide shell initialization for your users'
favourite shells.

Then new files will be unreadable, and new directories unbrowsable.
User "A" will be able to see if "B" has created a file in their
home dir, but not what is in it, nor anything below the home directory
point.

This is what most systems do -- if people want their items completely
private, they can put them in a sub-dir.

Users can still "give away" privacy by resetting umask or using chmod,
but they could do that in any case, if you allow more than one account
per machine (or jail).

Cheers,
Andrew.