Find the answer to your Linux question:
Results 1 to 2 of 2
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1

    security directories

    I have a fair bit of experience with linux but i'm having trouble trying to secure a directory.

    I want only certain users that are part of a group to be able to access only a certain directory (ie. /temp/secure). I dont want them to be able to move upward in the directory tree structure by executing "cd .." . I want them to to only stay in the secure directory and sub-dirs.

    Users will only be able to access the linux machine through sftp. I can set their home directories in /etc/passwd to /temp/secure and when they are authenticated by sftp they will be in /temp/secure. But I dont want them to be able to issue "cd .." to move into temp.

    I anyone has any insight on how to do this please let me know.

  2. #2
    Linux Guru Cabhan's Avatar
    Join Date
    Jan 2005
    Seattle, WA, USA
    I'm thinking...

    Add all of the users into the "secure" group. /Set temp/secure to have the owning group of "secure" (chown :secure /temp/secure). The permissions you're gonna want are:

    ***rwx*** -- /temp/secure/

    Then, for the /temp directory, make sure the owning group is not "secure", and set the other permissions to ******---.

    So basically, the secure group can read/write/execute the /temp/secure directory, but can't execute the /temp directory, which should prevent them from moving up at all.

    However, in this example, they may be able to cd into other directories (like /etc/, etc.). One possible solution may be putting "chroot /temp/secure" into their ~/.bashrc files, but I dunno that that will work.

    For the record, I can't guarantee that my solution will work, but you may wanna give it a shot.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts