Date: Wed, 11 Feb 2009 11:36:34 -0800 From: Chuck Swiger <cswiger@mac.com> To: Keith Palmer <keith@academickeys.com> Cc: freebsd-questions@freebsd.org Subject: Re: Restricting users to their own home directories / not letting users view other users files...? Message-ID: <B6540ACD-4987-45A0-9CAA-1C6FF34A9CA6@mac.com> In-Reply-To: <53134.12.68.55.226.1234369337.squirrel@www.academickeys.com> References: <53134.12.68.55.226.1234369337.squirrel@www.academickeys.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Feb 11, 2009, at 8:22 AM, Keith Palmer wrote: > We have a FreeBSD server with multiple users. I would rather each user > *not* be able to view other users' files via an SSH or SFTP session. > i.e. > if I'm logged in as "keith" I should *not* get a list of files when > I do > "ls /home/shannon" > > I realize I can fix this by setting the permissions on the "/home/ > shannon" > directory to 700. *However* then Apache (running as user "www") won't > display the documents in "/home/shannon/public_html" from > "http://ip-address/~shannon/", instead returning a "403 Forbidden" > error. This is an old, old problem; a reasonable solution is to create a $USER/private directory with 700 permissions for each user, and have them put anything which they consider "secret" under there. -- -Chuck
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?B6540ACD-4987-45A0-9CAA-1C6FF34A9CA6>