From owner-freebsd-questions Mon May 7 16: 8:50 2001 Delivered-To: freebsd-questions@freebsd.org Received: from tellurian.net (gate.tellurian.net [216.182.1.1]) by hub.freebsd.org (Postfix) with ESMTP id CFCB737B424 for ; Mon, 7 May 2001 16:08:46 -0700 (PDT) (envelope-from walt@betan.com) Received: from walt99 (unverified [216.182.56.86]) by tellurian.net (Rockliffe SMTPRA 4.5.4) with ESMTP id for ; Mon, 7 May 2001 19:08:46 -0400 Message-Id: <4.2.2.20010507190353.00b77450@pop3.palace.net> X-Sender: walterbetanc@pop3.palace.net X-Mailer: QUALCOMM Windows Eudora Pro Version 4.2.2 Date: Mon, 07 May 2001 19:04:39 -0400 To: questions@FreeBSD.ORG From: Walter Betancourt Subject: Re: restricting ftp access In-Reply-To: <15095.9137.554752.798356@guru.mired.org> References: <1692265@toto.iv> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG as I was just trying to do this without success, I'll hold my breath and wait to see any reply. At 05:37 PM 5/7/01 -0500, you wrote: >Nathan Vidican types: > > man chmod, man chown > > > > You can change the permissions structure so as not to allow a user to > > exit a directory. For example: user is logged into /home/users/someuser, > > they can cd to /home/users, but not down to /home; and therefore not to > > anything below /home (eg: /etc). > >Have you actually done this, and made it work? If so, I'd be >interested to know what permissions you used - and on which >directories - as my experience is that this can't be done. A process >has to be able to read / and /home in order to get to /home/users, >which means they can get to anything in / and /home. > > -- >Mike Meyer http://www.mired.org/home/mwm/ >Independent WWW/Perforce/FreeBSD/Unix consultant, email for more information. > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-questions" in the body of the message Walt To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message