From owner-freebsd-security Fri Sep 8 15:31:46 2000 Delivered-To: freebsd-security@freebsd.org Received: from lariat.org (lariat.org [12.23.109.2]) by hub.freebsd.org (Postfix) with ESMTP id 445DF37B43F for ; Fri, 8 Sep 2000 15:31:41 -0700 (PDT) Received: from mustang.lariat.org (IDENT:ppp0.lariat.org@lariat.org [12.23.109.2]) by lariat.org (8.9.3/8.9.3) with ESMTP id QAA11248; Fri, 8 Sep 2000 16:31:33 -0600 (MDT) Message-Id: <4.3.2.7.2.20000908162832.04cff4c0@localhost> X-Sender: brett@localhost X-Mailer: QUALCOMM Windows Eudora Version 4.3.2 Date: Fri, 08 Sep 2000 16:31:26 -0600 To: "Jonathan M. Slivko" From: Brett Glass Subject: Re: Home Directories -- in the point of security? Cc: freebsd-security@FreeBSD.ORG In-Reply-To: References: <4.3.2.7.2.20000908161720.04680100@localhost> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Even "friends" can sometimes overdo it. If you keep the pages in a separate FreeBSD partition and impose quotas, you'll be safer in that the system (which may be mission-critical for you) won't fall apart if someone inadvertently takes up a lot of space. This is especially important if you're letting your friends do CGI. --Brett At 04:12 PM 9/8/2000, Jonathan M. Slivko wrote: >Well, i'm not running this box as an ISP. I'm running this as a box for >myself and a few of my friends. So, I have more than enough space to run >all of what I need without having to put quotas on anything. > >-- Jonathan M. Slivko > >---- >Jonathan M. Slivko >Technical Support: CoreSync Corparation >NSI ID: JSR730 > >Want a reliable shells? check us out at >http://www.coresync.net! >---- > >On Fri, 8 Sep 2000, Brett Glass wrote: > >> Symlink a ~/Web subdirectory into the user's directory and make that one >> world-readable. If updating Web pages is the only reason users use FTP, >> chroot them into their Web directories when they connect via FTP. Put >> quotas on the Web subdirectories, too. Some folks don't realize just >> how big their uncompressed (or badly compressed) images are. >> >> --Brett >> >> At 03:12 PM 9/8/2000, Jonathan M. Slivko wrote: >> >> >What chmod value should I use when modifying home directories to allow for >> >a personal website on a webserver without comprimsing security of the >> >files from other users, even reading the files is out of the question >> >entirely. >> > >> >---- >> >Jonathan M. Slivko >> >Technical Support: CoreSync Corparation >> >NSI ID: JSR730 >> > >> >Want a reliable shells? check us out at >> >http://www.coresync.net! >> >---- >> > >> > >> > >> >To Unsubscribe: send mail to majordomo@FreeBSD.org >> >with "unsubscribe freebsd-security" in the body of the message >> >> To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message