Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 17 Feb 1998 09:15:52 +1100 (EST)
From:      "Daniel O'Callaghan" <danny@panda.hilink.com.au>
To:        Child <child@prairie.lakes.com>
Cc:        questions@FreeBSD.ORG, isp@FreeBSD.ORG
Subject:   Re: virtual domains
Message-ID:  <Pine.BSF.3.91.980217091112.294u-100000@panda.hilink.com.au>
In-Reply-To: <3.0.3.32.19980216121833.0075afa0@192.168.0.10>

next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 16 Feb 1998, Child wrote:

> Dear allI have setup a number of virtual domains on my system
> I have chroot'd ftp access 
> so all users see is
> /data
> /cgi-bin
> /icons 
> but need telnet access to perfrom tasks with setting up cgi scripts etc ect
> and when telneting in get access to view the whole system?
> anyway to stop this?

Copy all the necessary files from /bin /usr/bin /usr/lib /usr/libexec 
/etc /usr/share, etc into /chroot/....

Then use 

---------
#!/bin/sh
cd /chroot
chroot . /usr/libexec/telnetd
--------

This will put all of your customers into a single jail, whereas ftp puts 
them into a jail each.  To put each customer into a telnetd jail each, 
you'll need to read up on chroot(2) and getsockname(2).

Danny

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.91.980217091112.294u-100000>