Creating a user who can only see their own files.

Can anyone tell me how to create a user that can only see their own files? I have created the user, but they can still see files in other home directories.

I'm going to tear my hair out soon (what's left).
chris_calabrese Commented:
Are these FTP-only users, or do they also login interactively?

If FTP-only, you can get a copy of wu-ftpd or pro-ftpd and configure it to chroot() to each user's home directory.

If they also login interactively, you can roll your own login wrapper (not hard to do) to do a similar chroot().

chroot() is the only way to restrict the user to their home directory (there are even ways to break out of the chroot area, but it's much much harder than breaking out of a restricted shell).
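
The login wrapper described in the answer above, as an added example that is not part of the original thread: it checks the jail directory, calls chroot(), and permanently drops root before starting the shell. It assumes the wrapper runs as root, that the jail is the user's home directory, root-owned and populated with its own /bin/sh; `jail_stat_ok` and `enter_jail` are hypothetical names.

```c
/* Added example: minimal chroot login wrapper; names are hypothetical. */
#define _DEFAULT_SOURCE
#include <grp.h>
#include <pwd.h>
#include <stdio.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Jail root must be a directory, owned by root, and not writable by
 * group or other; a user-writable jail root makes escapes far easier. */
int jail_stat_ok(const struct stat *st)
{
    return S_ISDIR(st->st_mode) && st->st_uid == 0 &&
           (st->st_mode & (S_IWGRP | S_IWOTH)) == 0;
}

/* Confine the process to dir, then permanently drop to uid/gid.
 * Returns 0 on success, -1 on any failure (the caller must then exit). */
int enter_jail(const char *dir, uid_t uid, gid_t gid)
{
    struct stat st;
    /* chdir first and stat ".", so the check applies to the directory
     * we are really in and not to a path that could be swapped. */
    if (chdir(dir) != 0 || stat(".", &st) != 0 || !jail_stat_ok(&st))
        return -1;
    if (chroot(".") != 0 || chdir("/") != 0)
        return -1;
    /* Order matters: supplementary groups, then gid, then uid. */
    if (setgroups(0, NULL) != 0 || setgid(gid) != 0 || setuid(uid) != 0)
        return -1;
    /* If root can be regained, the chroot can be undone: treat as failure. */
    return (uid != 0 && setuid(0) == 0) ? -1 : 0;
}

int main(int argc, char **argv)
{
    struct passwd *pw = argc == 2 ? getpwnam(argv[1]) : NULL;
    if (pw == NULL || pw->pw_uid == 0 ||
        enter_jail(pw->pw_dir, pw->pw_uid, pw->pw_gid) != 0) {
        fprintf(stderr, "refusing to start a shell\n");
        return 1;
    }
    execl("/bin/sh", "-sh", (char *)NULL); /* resolved inside the jail */
    perror("execl");
    return 1;
}
```

Because the jail root is root-owned, the user's writable area has to be a subdirectory inside it.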
[root@ man restricted_shell
Reformatting page.  Wait... done

Maintenance Commands                                      rsh(1M)

     rsh, restricted_shell - restricted shell command interpreter

     /usr/lib/rsh  [ -acefhiknprstuvx ]  [ argument ... ]

     rsh  is a limiting version of the  standard  command  inter-
     preter  sh  ,  used to restrict logins to execution environ-
     ments whose capabilities are more controlled than  those  of
     sh  (see sh(1) for complete description and usage).

     When the shell is invoked, it scans the environment for  the
     value  of  the environmental variable, SHELL. If it is found
     and rsh  is the file name  part  of  its  value,  the  shell
     becomes a restricted shell.

     The actions of rsh  are identical to those of  sh  ,  except
     that the following are disallowed:

        o  changing directory (see cd(1)),

        o  setting the value of $PATH,

        o  specifying path or command names containing /,

        o  redirecting output (> and >>).

     The restrictions above are enforced after .profile is inter-

     A restricted shell can be invoked in one  of  the  following

        1. rsh  is the file name part of the last  entry  in  the
           /etc/passwd file (see passwd(4));

        2. the environment variable SHELL exists and rsh  is  the
           file  name part of its value; the environment variable
           SHELL needs to be set in the .login file;

        3. the shell is invoked and rsh  is the file name part of
           argument 0;

        4. the shell is invoke with the -r option.

     When a  command to  be  executed is found to be a shell procedure, rsh
     invokes sh  to execute it. Thus,  it  is  possible  to
     provide  to  the  end-user shell procedures  that have
     access to the full power of the standard shell,  while
     imposing  a  limited  menu  of  commands;  this scheme
     assumes that the end-user does not have write and exe-
     cute permissions in the same directory.

SunOS 5.7            Last change: 1 Nov 1993                    1


     The net effect of these rules is  that  the  writer  of  the
     .profile  (see  profile(4))  has  complete control over user
     actions by performing guaranteed setup actions  and  leaving
     the user in an appropriate directory (probably not the login

     The system administrator often sets up a directory  of  com-
     mands  (that  is, /usr/rbin) that can be safely invoked by a
     restricted shell. Some systems  also  provide  a  restricted
     editor, red .

     Errors detected by the shell, such as syntax  errors,  cause
     the shell to return a non-zero exit status.  If the shell is
     being used non-interactively execution of the shell file  is
     abandoned.  Otherwise,  the shell returns the exit status of
     the last command executed.

     See attributes(5) for descriptions of the  following  attri-
    |       ATTRIBUTE TYPE        |       ATTRIBUTE VALUE       |
    | Availability                | SUNWcsu                     |

     intro(1),  cd(1),   login(1),   rsh(1),   sh(1),    exec(2),
     passwd(4), profile(4), attributes(5)

     The restricted shell, /usr/lib/rsh, should not  be  confused
     with  the remote shell, /usr/bin/rsh, which is documented in


erikjensen (Author) Commented:
No good since this does not allow the user to log in as an FTP user.
No comment has been added lately, so it's time to clean up this Topic Area.
I will leave a recommendation for this question in the Cleanup topic area as follows:

- Answered by chris_calabrese

Please leave any comments here within the next 7 days


Cleanup Volunteer
Per recommendation, force-accepted.

EE Admin