[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Jailkit-users] Can you restrict jailed users to their directories?

From: Olivier Sessink
Subject: Re: [Jailkit-users] Can you restrict jailed users to their directories?
Date: Wed, 14 Mar 2007 21:01:22 +0100
User-agent: Icedove (X11/20061220)

Jere Retzer wrote:
> I've had a request to limit jailed users to their home directories -
> no ability to walk around and look in /etc, see the names of other
> home directories and so forth. Can this be done? I attempted to take
> access by "others" off all the jail directories but that seems to
> break the jail.

users need the rights to look up their UID in /etc/passwd, and users
need the rights to find libraries in /lib to start an executable. But
/etc/ and /lib/ can be completely different from the real server if you
do not want users to know the type of system they are working on (You
can have a 32bit jail built on Gentoo running on a RedHat 64 bit server
if you want).

> (PS - guess I need to redeploy the jail now?)

or restore all the permissions (I think most of the directories are 0755
and most of the files 0644, except for executables 0755).


reply via email to

[Prev in Thread] Current Thread [Next in Thread]