From owner-freebsd-isp Thu Jul 27 0:38:52 2000 Delivered-To: freebsd-isp@freebsd.org Received: from ns1.i-p-d.nl (ns1.i-p-d.nl [208.239.240.129]) by hub.freebsd.org (Postfix) with ESMTP id 6FD6437C059 for ; Thu, 27 Jul 2000 00:38:48 -0700 (PDT) (envelope-from chem@i-p-d.nl) Received: from andy (herdershond.demon.nl [212.238.118.9]) by ns1.i-p-d.nl (8.8.8/8.8.8) with ESMTP id JAA09013; Thu, 27 Jul 2000 09:28:15 +0200 (CEST) (envelope-from chem@i-p-d.nl) Message-Id: <200007270728.JAA09013@ns1.i-p-d.nl> From: "chem@i-p-d.nl" To: Kenn Martin Date: Thu, 27 Jul 2000 09:39:10 +0200 MIME-Version: 1.0 Content-type: text/plain; charset=US-ASCII Content-transfer-encoding: 7BIT Subject: Re: limiting telnet-users Reply-To: chem@i-p-d.nl Cc: freebsd-isp@FreeBSD.ORG In-reply-to: <20000726125556.A87381@alydar.infoteam.com> References: <200007241704.TAA13257@ns1.i-p-d.nl>; from chem@i-p-d.nl on Mon, Jul 24, 2000 at 07:15:04PM +0200 X-mailer: Pegasus Mail for Win32 (v3.12a) Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > > I have been investigating a way to limit telnet-users to their own home-dir. > > Problem with chroot is that a lot of dirs would have to be copied to the home- > > dir, in order for them to work with telnet. We only give telnet-access to users > > that specifically ask for it, because ftp is to limited. I remember a post from > > about a year ago, of someone who managed it by setting the permissions of the > > home-dirs and the dir above at a specific way, i believe in combination with a > > specific umask. Can't find that posting in the archives, though. > > [snip] > >From 'man bash': > [snip] > o changing directories with cd > I have looked at this, but not being able to cd down to their own directories is not an option. I have been thinking about adding the users to a group wwwusers and than chmod- ing the home-dirs 705 where the group of these homedirs would be wwwusers. When I got some time I will test this. chem To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message