If I chmod 700 the home directory of a user (on Linux), does this guarantee that other non-privileged users cannot access any subdirectory or file under that home directory? Or are there sneaky exceptions to this?
Just to be concrete, if I have a directory /home/foo that is 700, and it has a subdirectory "bar" that is 777, can any other user on the system read bar? Or is it guaranteed not to be readable?
Yes. In order for another user to traverse into any subdirectories, it needs to read the base directory. If it doesn't have permissions (i.e., 700), it won't be able to read anything in there. Also make sure that the base directory (/home/foo) is owned by the user foo. A user, bar, should not be able to access it.
Having 700 perms on a directory is only a first step in the right direction.
If /home/foo is 700 and /home/foo/bar is 777, anyone can still write to bar, as long as they know that the bar is there, as they don't have any browsing privileges to /home/foo. That's why sometimes you might need to blast chmod -R o-rwx /home/foo. Also to prevent future problems, set the umask to something more restrictive like 077 or 027, depending on your needs.
Also, you must make sure that all files in /home/foo/ are owned by the user you want (probably the user named foo in this case). If you have files in there owned by someone else, then the 700 will protect access to that file for its owner, not the owner of the directory it's in.
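
An added example, not part of the original answers: a small audit for the two conditions raised in the last answer, namely entries that still grant permission bits to "other" and entries not owned by the expected user. The function names and the sample tree (the /home/foo layout from the question, rebuilt in a temp directory) are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example: function names and the sample tree are constructed.

# audit_home DIR OWNER
# Lists entries under DIR that (a) grant any r/w/x bit to "other" or
# (b) are not owned by OWNER (user name or numeric uid).
audit_home() {
    dir=$1 owner=$2
    # Symlinks always report mode 777 and that mode is not used for access
    # checks, so they are excluded from the permission test.
    find "$dir" ! -type l \( -perm -001 -o -perm -002 -o -perm -004 \) -print |
        sed 's/^/other-access /'
    find "$dir" ! -user "$owner" -print | sed 's/^/wrong-owner /'
}

# count_findings DIR OWNER: number of lines audit_home reports.
count_findings() {
    audit_home "$1" "$2" | wc -l | tr -d ' '
}

# make_sample_home: builds the layout from the question (700 parent,
# 777 "bar" subdirectory) in a temp dir and prints its path.
make_sample_home() {
    home=$(mktemp -d) || return 1
    mkdir "$home/bar"
    : > "$home/bar/notes.txt"
    : > "$home/private.txt"
    ln -s bar/notes.txt "$home/link"
    chmod 700 "$home"
    chmod 777 "$home/bar"
    chmod 644 "$home/bar/notes.txt"
    chmod 600 "$home/private.txt"
    printf '%s\n' "$home"
}

# Run with the argument "demo" to audit the sample tree before and after
# the recursive chmod mentioned in the answer.
if [ "${1:-}" = "demo" ]; then
    h=$(make_sample_home)
    audit_home "$h" "$(id -u)"
    chmod -R o-rwx "$h"
    echo "after chmod -R o-rwx: $(count_findings "$h" "$(id -u)") findings"
    rm -rf "$h"
fi
```

To audit a real account, call `audit_home /home/foo foo`; an empty result means no entry under the directory has "other" bits set or a different owner.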