My users home directory located in a RHEL 5.0 nfs server.
Client is ubuntu 8.1 using NIS for authntication anf NFS for automounting
home Directory on the client side.
I set 700 to the users home directory.
My problem here is some of the users change the mode, which result in leak of data.
Is there any way to not to change the permissions of home directory other than root
The user owns their home directory, hence they can change the modes as per their needs.
One way to remedy this is to run a periodic QA kind of script that reports on the users' home directories that are "world-readable/writable". We do this in our environment about once a quarter and send this out to the respective team managers. The onus then shifts to the managers of the application teams to ensure that their team members follow our recommended guidelines. This also helps us from an audit perspective; less last minute remediations.
I solved my problem
soln
mount the home directory partion with acl option.
then change the directory owner as root
Then Change mod to 700
Use the follwing command setfacl to give permission to user.
setfacl -m u:username:rwx foldername
check with getfacl