Controlling read access
Manolis Kiagias
sonic2000gr at gmail.com
Thu Jul 31 21:28:05 UTC 2008
John Almberg wrote:
> I operate a server on which I am typically the only ssh user, but I do
> provide a small number of users ftp access.
>
> Each user has their own home directory. Currently all home directories
> have read permission set for 'other'. This means if I log in as one
> user, I can read and even download the contents of other users home
> directories.
>
> I want to block this read access. What is the best way to do this?
> Turn off the read bit for 'other'? Or is there some better way?
>
> Thanks: John
>
What ftp server software are you using?
For example, in proftpd, you simply add this line to
/usr/local/etc/proftpd.conf:
DefaultRoot ~
and everyone is "jailed" into his own directory.
It also seems the ftp daemon in the base system supports this through
/etc/ftpchroot.
If you are using it, read the man pages for ftpd(8) and ftpchroot(5)
More information about the freebsd-questions
mailing list