[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: user homedir chroot jail..



On Sat, Feb 02, 2002 at 10:23:29AM -0500, Ben Collins wrote:
> On Sat, Feb 02, 2002 at 04:37:01PM -0800, Petre Daniel wrote:
> > how can i deny to a user with shell access the browsing of /home ?
> > thanx
> 
> chmod 711 /home
> 
> So they can go into directories they know about, but they wont be able
> to do "ls -l /home"

Of course, if they know the usernames (which they will from cat /etc/passwd)
then they can do a straight cd /home/username/ even if /home is chmod 711.
Only by setting the user ~/ to 750 can you prevent them entering the
directory.

So yes, the best solution is chmod 711 /home; chmod 750 /home/* and then
set the umask for all users to 027.

HTH,

Matthew

-- 

Matthew Sackman
Nottingham
England

BOFH Excuse Board:
Interference between the keyboard and the chair.



Reply to: