I'm thinking of doing 'chmod 700 -R ~'. Can it be dangerous? What can happen what I don't expect? Also, is there any way to keep all files on $HOME to be -rwx------?
Asked
Active
Viewed 9,178 times
2 Answers
7
The main problem I can think of is that that command will set the execute bit on all files, even those that aren’t executable. So, if you have a file called foo, and someday you want to do cat foo or print foo and you accidentally type just foo, the shell will try to execute foo; i.e., interpret it as a shell script. This will probably just explode in your face harmlessly, but if foo contains anything that looks like a shell command, you could get harmful results.
A lesser issue is that if you have a file that you want to preserve, and last year you did a chmod 444 to protect it from yourself, the chmod 700 will restore your write bit, and make it easier for you to clobber the file accidentally.
The solution to both issues is to do chmod go= -R ~ or chmod go-rwx -R ~, which will turn off all bits for group and others, but leave your access alone.
Scott - Слава Україні
- 22,532
0
Kind of old now but you can chmod 700 for folders and chmod 600 files and it would solve the issue of adding the execute bit on all regular files (you need execute on folders to ls).
find ~ -type d -print0 | xargs -0 chmod 700
find ~ -type f -print0 | xargs -0 chmod 600
mtak
- 17,262
