not limiting ourselves. we do not do this not just once.

This commit is contained in:
monsieuremre 2023-10-26 19:30:58 +00:00 committed by GitHub
parent 88cd5a905d
commit f487752ba1
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -35,11 +35,9 @@ home_folder_access_rights_lockdown() {
# Each users home directory to himself # Each users home directory to himself
for user in $(dir /home); do # lists directories only for user in $(dir /home); do # lists directories only
if [ grep -q "$user" /etc/passwd ]; then # check if user actually exists, and this is not some random directory if [ grep -q "$user" /etc/passwd ]; then # check if user actually exists, and this is not some random directory
if [ -f /var/cache/security-misc/state-files/$user ]
continue # only doing once
fi
dpkg-statoverride --add --update $user $user 0700 /home/$user # home directory of the user itself dpkg-statoverride --add --update $user $user 0700 /home/$user # home directory of the user itself
touch /var/cache/security-misc/state-files/$user # so that we know we did this one echo "Permission updated: chmod go-rwx /home/$user"
fi
done done
} }