[thelist] linux: user / permission chaos

Dean Mah dsmah at home.com
Thu Apr 19 14:02:23 CDT 2001


I doubt that you can with the Linux base install.  Even if you were to
use a chroot environment, you would have to make all of the system
commands like 'ls', 'more', 'cat', 'bash', etc. available to the user
by moving them into his home directory or something.

You could install something like Kerberos that supports Access Control
Lists (ACLs) which will give you more flexibilty in configuring
security.

For most directories, you can usually use 711 on them so that users can
go into the directories but are not allowed to list what's in them.
Of course, if they already know the filenames then they can still
access the files.

What are you trying to hide?  Maybe set permissions on a case-by-case
basis.

Dean


Joxn writes:

> Hi,
> I've got some chaos concerning the user / permission on our RedHat
> server.
> 
> I want to lock a user in his homedir eg. /home/userfoo/
> 
> Our websites are in /home/sites/site01.com/ and so on.
> 
> /home is owned by root and set to "drwxr-xr-x" - this way the sites work
> fine.
> 
> However, if I set ".." in /home/userfoo/ to "drwx------" I actually
> change the setting of /home and the sites break, too.
> 
> So how can I lock a user in his homedir without breaking the sites?




More information about the thelist mailing list