Multi-User Security
Frankye - ML
listsucker at ipv5.net
Mon May 17 06:10:36 PDT 2004
On Mon, 17 May 2004 14:08:40 +0200 (CEST)
"David E. Meier" <dev at eth0.ch> wrote:
| We would like to offer to some customers of ours some sort of network
| backup/archive. They would put daily or weekly backups from their local
| machine on our server using rsync and SSH. Therefore, they all have a
| user account on our server. However, we must ensure that they would
| absolutely not be able to access any data of each other at all.
Just my 2 cents: I've found very useful some shells that permits just some
subset of commands, for example shells/scponly, sysutils/bksh or
sendmail's smrsh.
Since you're using ssh you might also find useful the command= statement
in .ssh/authorized_keys
HTH
Frankye
More information about the freebsd-security
mailing list