TIMFOX123
asked on
Lock down a user to just their home directroy
I have a group of people that I want to have read/write access to a directory. They are windows users that will be useing the winscp software to download pictures of homes.
I want to limit them to just that one directory. They are currenty a memeber of the "user's" group and have a shell of /bin/bash.
Should I change the shell to nothing? Should I create a new group and not give them rights to anything. Should I to a changeroot jail.
I do not want anybody deleting any of my system files and I do not want them viewing any images on my system that were not intended for them to view.
Winscp is working NOW so I would like to get this fixed before someone gets curious
timfox123
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Here's another example of chroot login setup:
http://www.kegel.com/crosstool/current/doc/chroot-login-howto.html
http://www.kegel.com/crosstool/current/doc/chroot-login-howto.html
ASKER
scponly really ROCKS !!!!
I have a passworded share and the windows users use a gui winscp to drag/drop to my share. They are change root jailed so they can not mess with my other files. Easy safe secure (ish).
This was so much easier than making a jail, you just typed in the make jail and it made a change root jail.
Wahhooo, I am happy. Now the other people in the Home Owners Association do not think I am a moron (untill another day).
Dave
I have a passworded share and the windows users use a gui winscp to drag/drop to my share. They are change root jailed so they can not mess with my other files. Easy safe secure (ish).
This was so much easier than making a jail, you just typed in the make jail and it made a change root jail.
Wahhooo, I am happy. Now the other people in the Home Owners Association do not think I am a moron (untill another day).
Dave
ASKER
Any commnents on scponly ?
Dave