limiting users to their home directory

Bart Silverstrim bsilver at
Tue Dec 23 13:54:37 UTC 2008

Brian McKee wrote:
> On Mon, Dec 22, 2008 at 10:53 PM, Nick Smith <nick.smith79 at> wrote:
>> I run a small webserver with ubuntu 7.04 and would like to lock each
>> user down to be able to see/edit only files in his directory,
>> and disable ssh access.
>> Seems like that would be a huge security risk to have a user able to
>> browse to any directory he wishes and open/download the
>> contents.
> Can't have your cake and eat it too (so to speak)
> He has to be a user to use ssh.   A user has to be able to access a
> large number of folders outside his home folder or he can't use the
> system  (like /bin for instance....)  Thus, if he has ssh access, he
> can read all sorts of folders, because he has to be able to!  The Unix
> guys got this stuff figured out a long time ago.  Now, read only
> access isn't that useful - as someone else pointed out it's quite
> arguable that there's not much risk there.

Just as a side note, the OP might be thinking of security as in other 
users and documents, not necessarily system security. While read-only 
access to the system's binaries isn't necessarily bad (well, 
read/execute) the ability to read a spreadsheet from Payroll or HR memos 
may be considered a Bad Thing(tm)


Just a consideration, that's all. I haven't followed the thread.

More information about the ubuntu-users mailing list