Date: Mon, 07 May 2012 22:18:14 +0200 From: Frank Staals <frank@fstaals.net> To: Paul Halliday <paul.halliday@gmail.com> Cc: questions@freebsd.org, "Randal L. Schwartz" <merlyn@stonehenge.com> Subject: Re: Write only directory. Message-ID: <m2ipg74uex.fsf@fstaals.net> In-Reply-To: <CAJfn-RHK0t1wqkB=ac8wir1f4Mgh1Uo2SwHDnULv6CxSmUkuDA@mail.gmail.com> (Paul Halliday's message of "Mon, 7 May 2012 15:53:09 -0300") References: <CAJfn-REgWrEP-g9uAxGOpsvt8SxuKOf_xXr=5iy4SahP0cpvoA@mail.gmail.com> <86aa1jaksf.fsf@red.stonehenge.com> <CAJfn-RHK0t1wqkB=ac8wir1f4Mgh1Uo2SwHDnULv6CxSmUkuDA@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Paul Halliday <paul.halliday@gmail.com> writes: > On Mon, May 7, 2012 at 3:49 PM, Randal L. Schwartz > <merlyn@stonehenge.com> wrote: >>>>>>> "Paul" =3D=3D Paul Halliday <paul.halliday@gmail.com> writes: >> >> Paul> Is it possible to let a user write to a directory but not access t= he >> Paul> file after they write it? >> >> Paul> The file is being transferred via scp and after the transfer I don= 't >> Paul> want them to be able to re-fetch or even get a directory listing. >> >> scp is via ssh. =C2=A0with ssh, they get a complete command line. =C2=A0= how are >> you going to prevent *that*? > > The users shell is /bin/false > > and sshd is setup like: > > Match User a_user > ChrootDirectory %h > ForceCommand internal-sftp > AllowTcpForwarding no There is also shells/scponly for this kind of thing. As for the file permis= sions question: not sure how to tackle that.=20 --=20 - Frank
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?m2ipg74uex.fsf>