From owner-freebsd-questions Mon Feb 16 15:28:29 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id PAA04616 for freebsd-questions-outgoing; Mon, 16 Feb 1998 15:28:29 -0800 (PST) (envelope-from owner-freebsd-questions@FreeBSD.ORG) Received: from panda.hilink.com.au (panda.hilink.com.au [203.8.15.25]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id PAA04189; Mon, 16 Feb 1998 15:27:05 -0800 (PST) (envelope-from danny@panda.hilink.com.au) Received: (from danny@localhost) by panda.hilink.com.au (8.8.5/8.8.5) id JAA23881; Tue, 17 Feb 1998 09:15:53 +1100 (EST) Date: Tue, 17 Feb 1998 09:15:52 +1100 (EST) From: "Daniel O'Callaghan" To: Child cc: questions@FreeBSD.ORG, isp@FreeBSD.ORG Subject: Re: virtual domains In-Reply-To: <3.0.3.32.19980216121833.0075afa0@192.168.0.10> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Mon, 16 Feb 1998, Child wrote: > Dear allI have setup a number of virtual domains on my system > I have chroot'd ftp access > so all users see is > /data > /cgi-bin > /icons > but need telnet access to perfrom tasks with setting up cgi scripts etc ect > and when telneting in get access to view the whole system? > anyway to stop this? Copy all the necessary files from /bin /usr/bin /usr/lib /usr/libexec /etc /usr/share, etc into /chroot/.... Then use --------- #!/bin/sh cd /chroot chroot . /usr/libexec/telnetd -------- This will put all of your customers into a single jail, whereas ftp puts them into a jail each. To put each customer into a telnetd jail each, you'll need to read up on chroot(2) and getsockname(2). Danny To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message