From owner-freebsd-questions@FreeBSD.ORG Thu Mar 3 01:11:57 2005 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 15AEA16A4CE for ; Thu, 3 Mar 2005 01:11:57 +0000 (GMT) Received: from smtphost.cis.strath.ac.uk (smtphost.cis.strath.ac.uk [130.159.196.96]) by mx1.FreeBSD.org (Postfix) with ESMTP id 706C343D1F for ; Thu, 3 Mar 2005 01:11:56 +0000 (GMT) (envelope-from chodgins@cis.strath.ac.uk) Received: from [84.92.20.141] (chrishodgins.force9.co.uk [84.92.20.141]) j231BRF2026037; Thu, 3 Mar 2005 01:11:27 GMT Message-ID: <4226657B.4090604@cis.strath.ac.uk> Date: Thu, 03 Mar 2005 01:16:43 +0000 From: Chris Hodgins User-Agent: Mozilla Thunderbird 1.0 (X11/20050204) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Kevin Kinsey References: <20050301122927.C1E464BDAA@ws1-1.us4.outblaze.com> <42246D72.2020504@landgren.net> <20050302183758.N25321@mail.rot-1.de> <422661DD.1010909@daleco.biz> In-Reply-To: <422661DD.1010909@daleco.biz> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-CIS-MailScanner-Information: Please contact support@cis.strath.ac.uk for more information X-CIS-MailScanner: Found to be clean X-CIS-MailScanner-SpamCheck: not spam, SpamAssassin (score=0.238, required 6, PLING_QUERY 0.24) X-CIS-MailScanner-From: chodgins@cis.strath.ac.uk cc: Stevan Tiefert cc: Nick Pavlica cc: questions@freebsd.org Subject: Re: Default security: other users can ACCESS MY HOMEDIR?! X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 03 Mar 2005 01:11:57 -0000 Kevin Kinsey wrote: > Nick Pavlica wrote: > >> I was thinking along the lines of a scp server that would only allow >> the user to browse only there directories. >> >> >> On Wed, 2 Mar 2005 18:39:43 +0100 (CET), Stevan Tiefert >> wrote: >> >> >>> On Wed, 2 Mar 2005, Nick Pavlica wrote: >>> >>> >>> >>>> How would you restrict regular users from accessing any part of the >>>> file system accept there home dirs? Is this even possible? >>>> >>>> >>> >>> Hello Nick, >>> >>> it is possible but why? The user must be able to access their shells, >>> configurations and so on! >>> >>> With regards >>> Stevan Tiefert >>> > > > You might look at MAC (Chapter 15 of the handbook). I don't > grok it yet, so I can't say if it's exactly what you need. It could > be a lot more ... > > Kevin Kinsey > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to > "freebsd-questions-unsubscribe@freebsd.org" > Also have a look at this: http://www.securityfocus.com/infocus/1404 Chris