Link to home
Start Free TrialLog in
Avatar of roduno
roduno

asked on

How can I restrict users in Solaris 8?

I am running a small web hosting service on a Unix server running solaris 8.  I want to be able to restrict users to a certain "folder" or area in the server when they ftp in to the system to load their web pages.  I know how to add a user to the system but I have not been able to figure out how to keep them from going outside of their particular folder.  I imagine that there is a way to do this on Solaris.  Any guidance is much appreciated!

Avatar of yuzh
yuzh
You need to set the proper dir permisions, eg: you web server Document Root is
/www
under /www
you have dir1, dir2, dir3..., dirN etc

and you want user1 can only put files in dir1, userN, put files in dirN etc.
the Document Root  is own by admuser or root.

you login as root (or su as root), and then do the followings:

cd /www
chmod 750 dir1
chmod g+s dir1
chown user1:nobody dir1

do the similar thing for dir2...dirN

then user1 can only FTP to dir1, user2 FTP to dir2....
Avatar of Tintin
Tintin
The safest way is to set up a chrooted ftp environment.

man ftpd

and look for the section on how to set up a chrooted environment.
Avatar of yuzh
yuzh
You can also use "scponly"
    http://www.sublimation.org/scponly/

    also see:
    http:Q_20975062.html
Avatar of PsiCop
PsiCop
Flag of United States of America image
Also, if the users do not actually access a shell account on the system, you can set their account home directory to the document directory where they are permitted to upload files (that is, their home directory does not NEED to be /home/user or /export/home/user). This is not really a security measure, just a system administration nicety.
ASKER CERTIFIED SOLUTION
Avatar of Mike R.
Mike R.
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial