On Thu, 30 Dec 2004 13:54:20 -0500, Justin Odom <justin.odom@gmail.com> wrote:
> Not sure if anyone has experience with this, but I would like to lock down the /etc directory so common users cannot run through the directory and read all the files. However, programs still need to be able to read the files to work.
I'm not sure you can achieve what you're after--either a user can read the file or he can't. If you turn off read perms for a user, then programs running as that user also will be disallowed. If there's a way to distinguish between the two types of accesses I don't know what it is.

Otherwise, maybe you should look into extended attributes--you'll need a filesystem that supports them. ReiserFS and ext3 both do, as do most others I'm sure.

BR
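Added example, not part of the original message: a model of the classic mode-bit read check, showing that the decision takes only the caller's uid and groups, so a user's shell and any program started by that user get the same answer. The sample file names and modes are constructed; ACLs, extended attributes, security modules and directory search bits are not modeled, and uid 0 is simplified to "always allowed".

```python
import os
import stat
import tempfile


def may_read(st, uid, gids):
    """Mode-bit read check for a process with these credentials.

    Nothing here identifies the program; only uid and gids are inputs.
    """
    if uid == 0:                 # simplification: root bypasses the check
        return True
    if uid == st.st_uid:         # owner class applies, and only that class
        return bool(st.st_mode & stat.S_IRUSR)
    if st.st_gid in gids:        # otherwise group class, and only that class
        return bool(st.st_mode & stat.S_IRGRP)
    return bool(st.st_mode & stat.S_IROTH)


def readable_files(root, uid, gids):
    """Sorted relative paths of regular files under root these credentials may read."""
    found = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)
            if stat.S_ISREG(st.st_mode) and may_read(st, uid, gids):
                found.append(os.path.relpath(path, root))
    return sorted(found)


def build_sample_tree():
    """Constructed stand-in for /etc; names and modes are sample values."""
    root = tempfile.mkdtemp(prefix="etc-sample-")
    for name, mode in (("passwd", 0o644), ("shadow", 0o640), ("secret.conf", 0o600)):
        path = os.path.join(root, name)
        with open(path, "w") as fh:
            fh.write("constructed sample\n")
        os.chmod(path, mode)
    return root


if __name__ == "__main__":
    tree = build_sample_tree()
    st = os.lstat(os.path.join(tree, "shadow"))
    other_uid = st.st_uid + 1    # hypothetical uid that does not own the files
    print("owner       :", readable_files(tree, st.st_uid, {st.st_gid}))
    print("group member:", readable_files(tree, other_uid, {st.st_gid}))
    print("other       :", readable_files(tree, other_uid, set()))
```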