Controlling read access
Valeriu Mutu
vmutu at pcbi.upenn.edu
Thu Jul 31 21:28:38 UTC 2008
On Thu, Jul 31, 2008 at 05:16:48PM -0400, John Almberg wrote:
> I operate a server on which I am typically the only ssh user, but I
> do provide a small number of users ftp access.
>
> Each user has their own home directory. Currently all home
> directories have read permission set for 'other'. This means if I log
> in as one user, I can read and even download the contents of other
> users home directories.
>
> I want to block this read access. What is the best way to do this?
> Turn off the read bit for 'other'? Or is there some better way?
>
> Thanks: John
>
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"
Hi John,
If the user logs into their own directory via FTP, there should be a way to "chroot" him/her, so that the home directory appears as the root directory. Consult your FTP server manuals for this.
You might also turn off the r,w,x bits for other.
Valeriu
--
Valeriu Mutu
More information about the freebsd-questions
mailing list