Visit Jeremy's Blog.
Go Back > Forums > Linux Forums > Linux - Security
User Name
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.


  Search this Thread
Old 08-19-2002, 09:00 AM   #1
Registered: Aug 2001
Location: Buffalo, NY
Distribution: Red Hat
Posts: 83

Rep: Reputation: 15
restricting a user's access to a single directory

Simple question here: how can I restrict a user's access to ONLY their home directory? I don't want them to be able to read any other directories on the server. Obviously right now they can browse just about anywhere on the server without actually doing anything, but I just want them to be able to work with files in their home dir. Can someone let me know how to do this? Thanks!
Old 08-19-2002, 12:32 PM   #2
Registered: Jul 2002
Posts: 143

Rep: Reputation: 15
cd into the users dir and chown the .. to root and chmod it so world cant execute it and he should be locked in


never mind, cannot login if you do that=p oh well. you can start chrooting processes the users are using to log in, that will lock them in a directory for sure

Last edited by turnip; 08-19-2002 at 01:36 PM.
Old 08-19-2002, 07:18 PM   #3
Registered: Jan 2002
Location: Galveston Island
Distribution: suse, redhat
Posts: 208

Rep: Reputation: 30
man bash

Check out the -r execution option. This restricts the user to polite activities (no cd, no changing shells, etc.). Use rbash (which is the same as "bash -r") as the users login shell. Don't forget to add rbash to /etc/shells.
Old 08-22-2002, 12:22 PM   #4
Registered: Aug 2000
Location: NY - USA
Distribution: Slackware
Posts: 109

Rep: Reputation: 15
Restricted shells can be a deterrent, but note that scripts and programs can easily circumvent the shell restriction. Your best bet is to create a chroot'ed environment with local statically-linked binaries in the user's home dir.

I guess the larger question is why you would want this person on the machine, if they can't be trusted to play nicely Turn on accounting if you're paranoid.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Not able to go to other user's home directory biswajit_dey Linux - Software 6 07-21-2005 08:14 AM
Changing user's home directory? HOW barton Debian 10 04-04-2005 02:27 AM
Restricting directory access with vsftpd BobM Linux - General 1 03-30-2004 10:19 AM
restricting directory access with vsftpd BobM Linux - Networking 0 03-30-2004 08:07 AM
how to change a user's Home directory n1wil Linux - General 8 08-24-2002 03:22 PM > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 06:34 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration