Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 31 Jul 2008 17:28:36 -0400
From:      Valeriu Mutu <vmutu@pcbi.upenn.edu>
To:        John Almberg <jalmberg@identry.com>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: Controlling read access
Message-ID:  <20080731212836.GH19484@snowball.pcbi.upenn.edu>
In-Reply-To: <26259A11-0CE7-43FB-878C-1A989C1EB006@identry.com>
References:  <26259A11-0CE7-43FB-878C-1A989C1EB006@identry.com>

next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Jul 31, 2008 at 05:16:48PM -0400, John Almberg wrote:
> I operate a server on which I am typically the only ssh user, but I  
> do provide a small number of users ftp access.
> 
> Each user has their own home directory. Currently all home  
> directories have read permission set for 'other'. This means if I log  
> in as one user, I can read and even download the contents of other  
> users home directories.
> 
> I want to block this read access. What is the best way to do this?  
> Turn off the read bit for 'other'? Or is there some better way?
> 
> Thanks: John
> 
> _______________________________________________
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"

Hi John,

If the user logs into their own directory via FTP, there should be a way to "chroot" him/her, so that the home directory appears as the root directory. Consult your FTP server manuals for this.

You might also turn off the r,w,x bits for other.

Valeriu

-- 
Valeriu Mutu



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20080731212836.GH19484>