Thread: security directories
I want only certain users that are part of a group to be able to access only a certain directory (i.e. /temp/secure). I don't want them to be able to move upward in the directory tree structure by executing "cd ..". I want them to only stay in the secure directory and sub-dirs.
Users will only be able to access the Linux machine through sftp. I can set their home directories in /etc/passwd to /temp/secure and when they are authenticated by sftp they will be in /temp/secure. But I don't want them to be able to issue "cd .." to move into temp.
If anyone has any insight on how to do this please let me know.
Add all of the users into the "secure" group. Set /temp/secure to have the owning group of "secure" (chown :secure /temp/secure). The permissions you're gonna want are:
***rwx*** -- /temp/secure/
Then, for the /temp directory, make sure the owning group is not "secure", and set the other permissions to ******---.
So basically, the secure group can read/write/execute the /temp/secure directory, but can't execute the /temp directory, which should prevent them from moving up at all.
However, in this example, they may be able to cd into other directories (like /etc/, etc.). One possible solution may be putting "chroot /temp/secure" into their ~/.bashrc files, but I dunno that that will work.
For the record, I can't guarantee that my solution will work, but you may wanna give it a shot.
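The mode bits from the reply above, applied to a scratch copy of the layout and read back with a small audit script. This is an added example, not code from the thread; the helper names, the 770 modes chosen for the bits the reply leaves as wildcards, and the use of GNU `stat -c` are assumptions.

```shell
#!/bin/sh
# Added example. Helper names are hypothetical; stat -c is GNU coreutils.

# Print the rwx triplet that applies to one class ("group" or "other").
class_perms() {
    mode=$(stat -c '%A' "$1") || return 2      # e.g. drwxrwx---
    case "$2" in
        group) printf '%s\n' "$mode" | cut -c5-7 ;;
        other) printf '%s\n' "$mode" | cut -c8-10 ;;
        *) return 2 ;;
    esac
}

# Succeed if the class has the search (execute) bit on a directory.
# s and t mean setgid/sticky with execute also set.
can_search() {
    case "$(class_perms "$1" "$2")" in
        ??[xst]) return 0 ;;
        *) return 1 ;;
    esac
}

# Walk from directory $2 up to $1 and print the highest component that
# class "other" cannot search; print nothing if all are searchable.
first_blocked() {
    top=$1; dir=$2; blocked=
    while :; do
        can_search "$dir" other || blocked=$dir
        if [ "$dir" = "$top" ] || [ "$dir" = "/" ]; then break; fi
        dir=$(dirname "$dir")
    done
    [ -n "$blocked" ] && printf '%s\n' "$blocked"
    return 0
}

# Build a scratch copy of the layout (constructed; stands in for /temp).
# 770 fills in the bits the reply leaves as wildcards. On the real host
# the reply's "chown :secure" sets the owning group as well.
build_demo() {
    base=$(mktemp -d) || return 1
    mkdir -p "$base/temp/secure"
    chmod 770 "$base/temp/secure" "$base/temp"
    printf '%s\n' "$base"
}

demo=$(build_demo)
echo "group on secure: $(class_perms "$demo/temp/secure" group)"
echo "other on temp:   $(class_perms "$demo/temp" other)"
echo "highest dir closed to other: $(first_blocked "$demo/temp" "$demo/temp/secure")"
rm -rf "$demo"
```

Search (execute) permission is evaluated on every directory in a path, which is why the script reports on each component between the top directory and the target rather than on the target alone.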