roland at cat.be
Fri Aug 13 08:12:24 UTC 2010
On Fri, 13 Aug 2010 09:39:49 +0200, kalinix
<calin.kalinix.cosma at gmail.com> wrote:
> On Thu, 2010-08-12 at 16:44 +0200, roland wrote:
>> On Thu, 12 Aug 2010 15:31:04 +0200, Tim <ignored_mailbox at yahoo.com.au>
>> > On Thu, 2010-08-12 at 14:40 +0200, roland wrote:
>> >> I would like to give someone a login on my server.
>> >> But, I would like to limit access to his home dir.
>> >> With Nautilus, Konqueror or from distance with p.e. Winscp, this
>> >> person could see what he wants and do maybe the unexpected.
>> > Unless you get slack with permissions, they can't read files owned by
>> > someone else unless those files have read permission for "other"
>> > Likewise, regarding writing to them. No ordinary user can change
>> > or application files, only their own files.
>> > And, as far as restricting them, that may depend on what you mean by
>> > logon to your system. You're sharing out a drive, directories, or
>> > actually allowing a direct logon where they can run things.
>> Someone who will install a website on the server. So I thought to give
>> a login and config apache to read the dir in his home dir.
>> He has to upload the files for this site. So I won't him to see only his
>> home dir.
>> So actually he will not run something, just install.
> chrooted ssh.
> It's for debian, but it works ok on fedora too. You don't necessarily
> need to download patched openssh, as now the openssh fedora ships
> supports chroot out of the box.
I looked it op for Fedora and CentOS, and it is available as well.
If this works, that would be great.
Will try it this afternoon.
I thank you very much.
More information about the users