On Thu, 12 Aug 2010 15:31:04 +0200, Tim <ignored_mailbox@xxxxxxxxxxxx> wrote: > On Thu, 2010-08-12 at 14:40 +0200, roland wrote: >> I would like to give someone a login on my server. >> But, I would like to limit access to his home dir. >> >> With Nautilus, Konqueror or from distance with p.e. Winscp, this >> person could see what he wants and do maybe the unexpected. > > Unless you get slack with permissions, they can't read files owned by > someone else unless those files have read permission for "other" users. > Likewise, regarding writing to them. No ordinary user can change system > or application files, only their own files. > > And, as far as restricting them, that may depend on what you mean by > logon to your system. You're sharing out a drive, directories, or > actually allowing a direct logon where they can run things. > Someone who will install a website on the server. So I thought to give him a login and config apache to read the dir in his home dir. He has to upload the files for this site. So I won't him to see only his home dir. So actually he will not run something, just install. -- Roland
chrooted ssh.
http://www.howtoforge.com/chrooted_ssh_howto_debian
It's for debian, but it works ok on fedora too. You don't necessarily need to download patched openssh, as now the openssh fedora ships supports chroot out of the box.
-- Calin Key fingerprint = 37B8 0DA5 9B2A 8554 FB2B 4145 5DC1 15DD A3EF E857 ================================================= Come quickly, I am tasting stars! -- Dom Perignon, upon discovering champagne. |
-- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines