security

[Tim]

On Thu, 2010-08-12 at 14:40 +0200, roland wrote:
> I would like to give someone a login on my server.
> But, I would like to limit access to his home dir.
>  
> With Nautilus, Konqueror or from distance with p.e. Winscp, this
> person could see what he wants and do maybe the unexpected.

Unless you get slack with permissions, they can't read files owned by
someone else unless those files have read permission for "other" users.
Likewise, regarding writing to them.  No ordinary user can change system
or application files, only their own files.

And, as far as restricting them, that may depend on what you mean by
logon to your system.  You're sharing out a drive, directories, or
actually allowing a direct logon where they can run things.

-- 
[tim at localhost ~]$ uname -r
2.6.27.25-78.2.56.fc9.i686

Don't send private replies to my address, the mailbox is ignored.  I
read messages from the public lists.