From owner-freebsd-questions Thu Aug 26 14: 7:49 1999 Delivered-To: freebsd-questions@freebsd.org Received: from fw.wintelcom.net (ns1.wintelcom.net [209.1.153.20]) by hub.freebsd.org (Postfix) with ESMTP id E3D94153C6 for ; Thu, 26 Aug 1999 14:07:47 -0700 (PDT) (envelope-from bright@wintelcom.net) Received: from localhost (bright@localhost) by fw.wintelcom.net (8.8.8/8.8.8) with ESMTP id HAA28708; Thu, 26 Aug 1999 07:21:06 -0700 (PDT) (envelope-from bright@wintelcom.net) Date: Thu, 26 Aug 1999 14:21:06 +0000 (GMT) From: Alfred Perlstein To: Kris Kedzierski Cc: "FreeBSD-questions@freebsd.org" Subject: Re: User Permissions In-Reply-To: <02d601beeffd$768effc0$0ac951d1@activetech.net> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Thu, 26 Aug 1999, Kris Kedzierski wrote: > Hey > > I have a question about user permisions. We have 2.2.8R boxes but when I > set up users and they telnet into the boxes they can see other users' > directories and files in them. When I set the permissions to that user only > they cant have their web pages cause the permission will be denied. They > can also look at othe files that I would consider they shouldn't have > ability to read. Can someone point me in the right direction for setting > the right security model? > I need to have them look only at their files and maybe crontab. > Thanx tip #1: read the documentation. tip #2: be more specific, you didn't even tell us what web server you are running... assuming apache: http://www.apache.org/docs-1.2/mod/mod_userdir.html basically, you can make a directory such as: "/usr/home/webspace" make it owner:group root:wheel, make sure it is rwx--x--x, then set line with "UserDir" in it to: UserDir /usr/home/webspace then when a user needs a web dir, just make it in /usr/home/webspace and chown it username:group and make it 755. good luck, -Alfred To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message