Date: Tue, 18 Mar 1997 07:43:55 +0800 (WST) From: Adrian Chadd <adrian@obiwan.aceonline.com.au> To: Oleg Kolesnikov <joshua@main.univers.chernovtsy.ua> Cc: questions@FreeBSD.ORG Subject: Re: [Q] How to enable user to view only certain part of FS [see letter] Message-ID: <Pine.BSF.3.95q.970318073936.4999A-100000@obiwan.aceonline.com.au> In-Reply-To: <199703171917.TAA26557@main.univers.chernovtsy.ua>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 17 Mar 1997, Oleg Kolesnikov wrote: > > Say, user's home directory is /mnt/userhomes/username. > I want this user to be able to view only /mnt/userhomes/username/... and > everything that is lower down the user's home directory > (i.e. so, that the construction: > cd ../../../etc;cat hosts wouldn't work) Why? I know people who have done this thinking it makes things more "secure" .. and it only roots up things even further :) (eg user processes can't read system files to get the current nameserver setup, or /etc/passwd/group to get uid/gid -> name mapping, other nasty stuff), since /etc/ DOES hold files that are quite useful for user processes :) If you are worried about people seeing your config, you CAN chmod stuff that is run by root so that only ROOT can read / write / execute the file, and noone else can. I wouldn't suggest this unless you knew what files are only ever accessed by root. Why do you want to do this ? Cya. Adrian Chadd <adrian@psinet.net.au>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.95q.970318073936.4999A-100000>