locking a user into one directory
Lowell Gilbert
freebsd-questions-local at be-well.ilk.org
Thu Jan 29 05:31:47 PST 2004
Gautam Gopalakrishnan <ggop at madras.dyndns.org> writes:
> On Wed, Jan 28, 2004 at 09:59:11PM -0500, Lowell Gilbert wrote:
> > Dragoncrest <dragoncrest at voyager.net> writes:
> >
> > > I've seen this explained before, but I've never taken much
> > > interest in it as I never had a need for it. Well, it's starting to
> > > look like I do. What I'm wanting to do is give shell access to a user
> > > to shell into the mail server, check their mail, and that's it. I
> > > don't want them to be able to wander outside of their home directory.
> > > I think it's called a jail, but I don't remember. Does anyone know
> > > what it is I need and have a tutorial for it or know where I can find
> > > one? Much appreciated.
> >
> > Um, you mean "man jail"?
> > Or maybe "man chroot"...
>
>
> Or you could use a restricted shell, maybe zsh or bash.
> http://www.faqs.org/docs/bashman/bashref_75.html
Sure, that could do it, depending on what's needed.
If you're limiting the users because you don't trust them,
you should stick with real security instead.
Restricted shells are really more for keeping yourself
from shooting yourself in the foot.
More information about the freebsd-questions
mailing list