It’s more complicated than that.
It depends on what the permsissions are set to.
You have user, group, and world permissions.
If the file is readable, then one can read it - they just have to know the path.
If the directory is readable, they can get a listing of its contents.
If the directory is executable, they can make it the current working directory.
Generally home directories are set to 751. These means they are not world-readable, and thus no one can do ‘ls /home/username’ to get a list of the directories. Except users that belong to the same group.
However it does not mean your files can’t be read. You would need to go through each file and set the permissions to 640 or 751. The 640 is to keep data files from being read, and the 751 is to keep script files from being read. If you set a web-accessible file to be non-readable though, the web server won’t access it!
I put data files in a directory that is not web-accessable and make them 640.
The Perl scripts I write are OO applications. The application class istself, including sensitive information, is stored in a Perl module. Perl modules are not executables, so they can be set to 640. Perl modules also shouldn’t be in a web-accessible directory either. To get the CGI application working, another Perl script is used, and all it does is execute an instance of the application class, a couple lines of code. So it can be safely placed within a web-accessible directory with permissions of 755.
[color=#6600CC]Atropos[/color] | openvein.org