From owner-freebsd-security Fri Sep 8 15:19:49 2000 Delivered-To: freebsd-security@freebsd.org Received: from lariat.org (lariat.org [12.23.109.2]) by hub.freebsd.org (Postfix) with ESMTP id 970A737B509 for ; Fri, 8 Sep 2000 15:19:46 -0700 (PDT) Received: from mustang.lariat.org (IDENT:ppp0.lariat.org@lariat.org [12.23.109.2]) by lariat.org (8.9.3/8.9.3) with ESMTP id QAA11131; Fri, 8 Sep 2000 16:19:25 -0600 (MDT) Message-Id: <4.3.2.7.2.20000908161720.04680100@localhost> X-Sender: brett@localhost X-Mailer: QUALCOMM Windows Eudora Version 4.3.2 Date: Fri, 08 Sep 2000 16:19:22 -0600 To: "Jonathan M. Slivko" , freebsd-security@FreeBSD.ORG From: Brett Glass Subject: Re: Home Directories -- in the point of security? In-Reply-To: Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Symlink a ~/Web subdirectory into the user's directory and make that one world-readable. If updating Web pages is the only reason users use FTP, chroot them into their Web directories when they connect via FTP. Put quotas on the Web subdirectories, too. Some folks don't realize just how big their uncompressed (or badly compressed) images are. --Brett At 03:12 PM 9/8/2000, Jonathan M. Slivko wrote: >What chmod value should I use when modifying home directories to allow for >a personal website on a webserver without comprimsing security of the >files from other users, even reading the files is out of the question >entirely. > >---- >Jonathan M. Slivko >Technical Support: CoreSync Corparation >NSI ID: JSR730 > >Want a reliable shells? check us out at >http://www.coresync.net! >---- > > > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message