limiting users to their home directory

Nick Smith nick.smith79 at gmail.com
Tue Dec 23 03:53:05 UTC 2008


I run a small webserver with ubuntu 7.04 and would like to lock each
user down to be able to see/edit only files in his directory,
and disable ssh access.

Ive been playing with permissions for several hours and cant seem to
accomplish this.  His website is in /home/user/www so it
would have to be a solution that apache2 can still read that directory.

I found a program called scponly in one of my google searches, and
that seems disable ssh access, but he can still use winscp
or similar and browse the entire filesystem and open/download anything
at will.  It seems strange this would be default behavor.
Seems like that would be a huge security risk to have a user able to
browse to any directory he wishes and open/download the
contents.

What am i doing wrong here?  What is the easiest way to accomplish this?

Thanks for any help you can give.
Ive googled all afternoon and searched the mailing list, but cant come
up with anything that works.




More information about the ubuntu-users mailing list