-path combined with -prune is worth looking at; it should exclude directories, and I believe -path accepts regex. <br><br>If you exclude both box1/box2/box1/ and /box2/box1/, I think you'll then be finding across each box only once.<br>
<br>Actual construction of command left as an exercise for the reader.....<br><br><br clear="all">David Aldred<br>
<br><br><div class="gmail_quote">On 5 December 2011 18:08, Jason Irwin <span dir="ltr"><<a href="mailto:jasonirwin73@gmail.com">jasonirwin73@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
<div class="im">On 05/12/11 17:34, Mike Martin wrote:<br>
> box1 has home directory of box2 mounted on ~/box2<br>
> box2 has home directory of box1 mounted on ~/box1<br>
><br>
> both using sshfs, though I would expect same issue with NFA/CIFS<br>
<br>
</div>Security?<br>
Remove permissions for the box1 ssh user to ~/box1 on box2.<br>
Remove permissions for the box2 ssh user to ~/box2 on box1.<br>
<br>
My crude guess would be to have a share group (e.g. "box-share") that<br>
contains everyone but the other user (e.g. on box1 it's everyone but the<br>
box2 ssh user). Then go with 740 as the permissions (or whatever makes<br>
sense for your use case). Upshot should be that the local box user<br>
cannot see their own home via the foreign share.<br>
I hope that all made sense.<br>
<br>
I really need to learn more about sharing that simple cobbling Samba<br>
configs together...<br>
<span class="HOEnZb"><font color="#888888"><br>
--<br>
Jason Irwin<br>
</font></span><div class="HOEnZb"><div class="h5"><br>
_______________________________________________<br>
Nottingham mailing list<br>
<a href="mailto:Nottingham@mailman.lug.org.uk">Nottingham@mailman.lug.org.uk</a><br>
<a href="https://mailman.lug.org.uk/mailman/listinfo/nottingham" target="_blank">https://mailman.lug.org.uk/mailman/listinfo/nottingham</a><br>
</div></div></blockquote></div><br>