Date: 29 Jan 2004 08:31:33 -0500 From: Lowell Gilbert <freebsd-questions-local@be-well.ilk.org> To: Gautam Gopalakrishnan <ggop@madras.dyndns.org> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: locking a user into one directory Message-ID: <44y8rqanka.fsf@be-well.ilk.org> In-Reply-To: <20040129034148.GA99912@madras.dyndns.org> References: <5.2.0.9.2.20040128211822.01d40390@pop.voyager.net> <44hdyfa29s.fsf@be-well.ilk.org> <20040129034148.GA99912@madras.dyndns.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Gautam Gopalakrishnan <ggop@madras.dyndns.org> writes: > On Wed, Jan 28, 2004 at 09:59:11PM -0500, Lowell Gilbert wrote: > > Dragoncrest <dragoncrest@voyager.net> writes: > > > > > I've seen this explained before, but I've never taken much > > > interest in it as I never had a need for it. Well, it's starting to > > > look like I do. What I'm wanting to do is give shell access to a user > > > to shell into the mail server, check their mail, and that's it. I > > > don't want them to be able to wander outside of their home directory. > > > I think it's called a jail, but I don't remember. Does anyone know > > > what it is I need and have a tutorial for it or know where I can find > > > one? Much appreciated. > > > > Um, you mean "man jail"? > > Or maybe "man chroot"... > > > Or you could use a restricted shell, maybe zsh or bash. > http://www.faqs.org/docs/bashman/bashref_75.html Sure, that could do it, depending on what's needed. If you're limiting the users because you don't trust them, you should stick with real security instead. Restricted shells are really more for keeping yourself from shooting yourself in the foot.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?44y8rqanka.fsf>