Re: [Jailkit-users] Managing groups in the jail

jailkit-users

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Jailkit-users] Managing groups in the jail

From:	Olivier Sessink
Subject:	Re: [Jailkit-users] Managing groups in the jail
Date:	Sun, 10 Sep 2006 23:08:49 +0200
User-agent:	Thunderbird 1.5.0.5 (X11/20060812)

Michael Belmont wrote:
> Now that I have created my jail and all of the users using jailkit,
> which works great on RedHat 4ES, what is the best way to create
> groups within the jail that have granular rights to sub directories
> under the jail root?  Example:  User1,user2 only have RW access to
> folder Job1, while User3 has RWE to folder Job1 and Job2. Easy enough
> in a non chrooted environment but I'm concerned about messing up the
> security of the chroot.  Any help directing me to documentation or
> examples would be appreciated.

in directories other than the system directories like <jail>/bin and
<jail>/lib you can have any permissions you want without affecting the
security.

The only extra measure you can take is to mount a data partition in the
jail with nosuid,noexec options, so users can never upload executables
to a user or group writable area.

regards,
        Olivier

[Prev in Thread]

Current Thread

[Next in Thread]

[Jailkit-users] Managing groups in the jail, Michael Belmont, 2006/09/10
- Re: [Jailkit-users] Managing groups in the jail, Olivier Sessink <=

Prev by Date: [Jailkit-users] Managing groups in the jail
Next by Date: [Jailkit-users] permission denied
Previous by thread: [Jailkit-users] Managing groups in the jail
Next by thread: [Jailkit-users] permission denied
Index(es):
- Date
- Thread