September 13th, 2002, 09:14 AM
|
|
Contributing User
|
|
Join Date: Jan 2002
Posts: 56
Time spent in forums: 50 sec
Reputation Power: 7
|
|
|
User Accounts
Currently my FREBSD box has a single user account that I use to telnet into an then su to root to do administrative tasks.
I'm hosting a lot of websites and am now looking into giving ftp access for users to their directory. What I have it this
/usr/local/www
from here are each domain I host, so each users directory is in this www directory.
Every directory in the www directory has 755 permissions. I have created a test account and set the user's home directory to
/usr/local/www/whatever.com/newuser
/usr/local/www/whatever.com/ has 755 permissions and is owned by newuser and group newuser
The rest of the directories in www are owned by my original login account so one directory would look like this
drwxr-xr-x 11 pete pete 1024 Aug 19 17:09 residenceperfection.com
I FTP'd in under the new user and it brought me to /usr/local/www/whatever.com/newuser like I wanted, but I was able to change directories to /usr/local/www/ and even able to goto /usr/local/www/residenceperfection.com under the new user and download files. Now access is denied for uploading into these directories, but you can see the issue. A user could potentially download another client's website, or even worse config files for logging into their admin page with username's/passwords etc.
What I want to do is allow the user access to only their directory
(ie) /usr/local/www/whatever.com/newuser
and not be able to cd to /usr/local/www or at least not be able to access /usr/local/www/someoneelseessite.com
Is it just a permissions thing?? What should they be for /usr/local/www and /usr/local/www/sitename.com? (provided sitename.com is owned and in a diffrent group) Can I set the permissions low enough to where another user can't see it, but it doesn't effect if a web user can access the page?
Thanks!!
Petey
|
Dev Shed Forums Sponsor:
Del.icio.us
Digg
Google
Spurl
Blink
Furl
Simpy
Y! MyWeb
Linear Mode
