* Rudi Starcevic schrieb am 19.10.03 um 04:30 Uhr:
Thanks Marc,
Thanks also to Russel.
I did it with pam_chroot which is really nice
Great - I'll start looking here.
Currently we only really offer FTP access but would like
to include SSH access too.
I know with the right permissions a user account cannot do
any damage but I would just like to prevent these people from
snooping around.
I want to allow users to be able to SSH in and use things
like Postgresql, mysql and cron but not read /etc/passwd or
/etc/mail/virtusertable etc. etc.
Rudi,
additionally you may want to use the grsecurity Kernelpatch which
makes chroot() environments a lot more secure. Without this patch it
is not too difficult to break out of a chroot.
-Marc