I've got a bit of a dilemna... I am part of a website design
team for a new client, which wants us to setup a membership
system for them.
The membership system allows members to use an online
CGI-driven script to design their homepage. To do this I
setup a users directory where all member accounts will be
stored in, the users have ftponly access to the site. The
users directory and all member subdirectories are now group
owned by the web server group (www) with group write permissions so the CGI scripts can write to their directories.
However, now I find that users can ftp in, change directories to another users directory and also write
to those! Obviously not what I wanted.
Can anyone suggest a way to accomplish the following goals:
1) Allow the web server to write to all subdirectories of
the users directory via CGI.
2) Allow users to ftp into their accounts and have full
3) Prevent users from being able to write to other users
I would greatly appreciate your suggestions!