From owner-freebsd-questions Mon May 7 15:37:41 2001 Delivered-To: freebsd-questions@freebsd.org Received: from guru.mired.org (okc-65-26-235-186.mmcable.com [65.26.235.186]) by hub.freebsd.org (Postfix) with SMTP id 33FD537B422 for ; Mon, 7 May 2001 15:37:38 -0700 (PDT) (envelope-from mwm@mired.org) Received: (qmail 59375 invoked by uid 100); 7 May 2001 22:37:37 -0000 From: Mike Meyer MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Message-ID: <15095.9137.554752.798356@guru.mired.org> Date: Mon, 7 May 2001 17:37:37 -0500 To: Nathan Vidican Cc: questions@freebsd.org Subject: Re: restricting ftp access In-Reply-To: <1692265@toto.iv> X-Mailer: VM 6.90 under 21.1 (patch 14) "Cuyahoga Valley" XEmacs Lucid X-face: "5Mnwy%?j>IIV\)A=):rjWL~NB2aH[}Yq8Z=u~vJ`"(,&SiLvbbz2W`;h9L,Yg`+vb1>RG% *h+%X^n0EZd>TM8_IB;a8F?(Fb"lw'IgCoyM.[Lg#r\ Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Nathan Vidican types: > man chmod, man chown > > You can change the permissions structure so as not to allow a user to > exit a directory. For example: user is logged into /home/users/someuser, > they can cd to /home/users, but not down to /home; and therefore not to > anything below /home (eg: /etc). Have you actually done this, and made it work? If so, I'd be interested to know what permissions you used - and on which directories - as my experience is that this can't be done. A process has to be able to read / and /home in order to get to /home/users, which means they can get to anything in / and /home. http://www.mired.org/home/mwm/ Independent WWW/Perforce/FreeBSD/Unix consultant, email for more information. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message