From owner-freebsd-isp Fri Jun 26 10:45:35 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id KAA21722 for freebsd-isp-outgoing; Fri, 26 Jun 1998 10:45:35 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from mercury.jorsm.com (mercury.jorsm.com [207.112.128.9]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id KAA21598 for ; Fri, 26 Jun 1998 10:44:58 -0700 (PDT) (envelope-from jeff@mercury.jorsm.com) Received: from localhost (jeff@localhost) by mercury.jorsm.com (8.8.7/8.8.7) with SMTP id MAA05880; Fri, 26 Jun 1998 12:44:19 -0500 (CDT) Date: Fri, 26 Jun 1998 12:44:18 -0500 (CDT) From: Jeff Lynch To: Mikael Hugo cc: "'IBS / Andre Oppermann'" , isp@FreeBSD.ORG Subject: RE: Homedir 'hiding' In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Fri, 26 Jun 1998, Mikael Hugo wrote: > Try to 700 the parent directory (/home) If you turn off read access to the world to home dirs, user "nobody", will not be able to read public_html to dish out their home pages. We opted to take away shell access by setting a date and notifying our customers of the reason for discontinuing. We only lost a few lusers who were problematic anyway, snooping around, running bots, hogging disk space, causing irc problems etc... We are much better for it. 80/20 rule rules! Just listing home dirs is not a problem, IMHO, they can get a list of users from the /etc/passwd file anyway. ========================================================================= Jeffrey A. Lynch JORSM Internet email: jeff@jorsm.com Northwest Indiana's Full-Service Provider Voice: (219)322-2180 927 Sheffield Avenue, Dyer, IN 46311 Autoresponse: info@jorsm.com http://www.jorsm.com > > We give our customers at the moment only chrooted ftp access (ftpd with > internal LS) to their www-homedirs. Some users however ask for telnet > access. > > The problem we have is that if someone logs in that person can see all > homedirectories of other customers. The user with telnet access has an > own group but can still see the other homedirs but not enter them (no > permission of course). > > My question is now: what can I do that the telnet users cant see > the other homedirs (don't tell me 'rm -R *' ;-)). > > PS: I have tried to set the permissions to drwx------ but it is > still visible with ls. > > -- > Andre Oppermann > > CEO / Geschaeftsfuehrer > Internet Business Solutions Ltd. (AG) > Hardstrasse 235, 8005 Zurich, Switzerland > Fon +41 1 277 75 75 / Fax +41 1 277 75 77 > http://www.pipeline.ch ibs@pipeline.ch > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message