limiting users to their home directory
loic.grenie at gmail.com
Tue Dec 23 21:00:51 UTC 2008
2008/12/23 H.S. <hs.samix at gmail.com>:
> Loïc Grenié wrote:
>> 2008/12/23 H.S. <hs.samix at gmail.com>:
>>> Nick Smith wrote:
>>>> I run a small webserver with ubuntu 7.04 and would like to lock each
>>>> user down to be able to see/edit only files in his directory,
>>>> and disable ssh access.
>>> There have been many responses to this post. I just want to throw
>>> another point of view (if it hasn't been mentioned already).
>>> From your query above, it appears you want users to not see anything at
>>> all other than their own home. I am not sure this is easy to do, if at
>>> all possible. They will at least have to see (able to read and execute)
>>> the commands they use (ls, rm, mkdir, etc.). So here itself I see some
>>> contradictions in your query above.
>> You do not need to be able to read a command to execute it. You
>> can deny the read permission to most of the commands (not the
>> shell scripts, though). You can also deny the read permission on the
>> directories (that disallows browsing).
>> (as root)
>> chmod 711 /bin
>> chmod 755 /bin/ls
>> (as user)
>> works the same as usual.
> Okay. But I do not see its use if the OP desires this. And what about
> conf files and default desktop files the various window managers use?
> And the system font files?
> Also, if the OP sets the user's default permissions with rwX with no
> permissions for groups and others, except in the case of ~/www
> directories, wouldn't this achieve what he wants to do?
> What I do not understand yet is does the OP want to hide *all* of the
> system from each user or just other users?
This is what I understand: he wants to hide all of the system from
all users. Other users' directories are easy: chmod 700 /home/*
plus some use of mount -o bind to let apache see the
Nick Smith, the first poster, asked specifically
I [...] would like to lock each user down to be able to see/edit
only files in his directory, and disable ssh access. [...]
Seems like that would be a huge security risk to have a user
able to browse to any directory he wishes and open/download
Being able to read the files of other users does not look
like a "huge security risk". A privacy risk maybe, a small
security risk (if some user has left a readable private key
in a readable dir). Therefore I conclude that the first poster
wanted to deny all users access to all of the system
except their own files. As far as I can tell (and everybody
else here) it is nearly impossible and mostly useless.
I repeat here what has been said before by various persons
(including my very own self): it is *not* a huge security risk
to let anybody see and download most of the operating
system. Obviously the private keys of the system must
not be accessible, nor the encrypted passwords (even though
I hope the encryption algorithm is better than what it was
20 years ago). The sensitive files are unreadable by default,
so an Ubuntu system is mostly safe as is. Preventing
users from reading the files does *not* significantly improve
security (think: 0.1% more secure). Keeping the system
patched is a *much* better security improvement, checking
if the system is properly configured is *much* *better* (and
in that case not letting the users read the files has 0 impact
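The two permission tricks discussed in this thread (chmod 700 on each home so other users cannot reach anything inside it, and chmod 711 on a directory so its programs stay runnable without the directory being listable) can be checked rather than assumed. The script below is an added example, not code from any poster; it builds a constructed directory tree under mktemp, models what an unrelated "other" user can reach from the classic rwx mode bits alone (no ACLs, no root bypass, no mount options), and audits for the "readable private key in a readable dir" case. All paths and the key-looking file are constructed stand-ins.

```shell
#!/bin/sh
# Added example (not from the thread): audit a home tree for what an
# unrelated user can reach, then apply the thread's chmod 700 / 711 fixes.
# Models only the traditional mode bits; ACLs and root are out of scope.
set -u

# The three "other" permission characters of one path, e.g. "r-x" or "---",
# taken from ls so the check does not depend on who runs the script.
other_bits() {
    ls -ld "$1" | cut -c8-10
}

# Can an unrelated user read $2, starting from directory $1 (assumed to be
# traversable already)?  Every intermediate directory needs the x bit for
# others, and the final entry needs the r bit.  Returns 0 if reachable.
other_can_read() {
    root=$1; target=$2
    rel=${target#"$root"/}
    cur=$root
    while [ "$rel" != "${rel#*/}" ]; do
        comp=${rel%%/*}
        rel=${rel#*/}
        cur="$cur/$comp"
        case "$(other_bits "$cur")" in
            ??x) ;;
            *) return 1 ;;
        esac
    done
    case "$(other_bits "$target")" in
        r??) return 0 ;;
        *) return 1 ;;
    esac
}

# Can an unrelated user list directory $1 (the r bit on the directory)?
other_can_list() {
    case "$(other_bits "$1")" in
        r??) return 0 ;;
        *) return 1 ;;
    esac
}

# Home directories under $1 that grant others any access at all.
exposed_homes() {
    for d in "$1"/*; do
        [ -d "$d" ] || continue
        case "$(other_bits "$d")" in
            ---) ;;
            *) printf '%s\n' "$d" ;;
        esac
    done
}

# The thread's fix: chmod 700 /home/* (here applied under $1).
lock_down_homes() {
    for d in "$1"/*; do
        [ -d "$d" ] && chmod 700 "$d"
    done
}

# Constructed tree: a world-readable home with a world-readable key-like
# file (placeholder text, not key material), a second home, and a "bin"
# directory set up as the thread describes (711 dir, 755 program).
build_sample_tree() {
    base=$1
    mkdir -p "$base/home/alice/.ssh" "$base/home/alice/www" \
             "$base/home/bob" "$base/bin"
    printf '%s\n' '-----BEGIN EXAMPLE PRIVATE KEY-----' \
                  'constructed placeholder, not a real key' \
                  '-----END EXAMPLE PRIVATE KEY-----' \
        > "$base/home/alice/.ssh/id_example"
    printf '%s\n' '<h1>hello</h1>' > "$base/home/alice/www/index.html"
    printf '%s\n' '#!/bin/sh' 'echo hi' > "$base/bin/ls"
    chmod 755 "$base" "$base/home" "$base/home/alice" \
              "$base/home/alice/.ssh" "$base/home/alice/www" "$base/home/bob"
    chmod 644 "$base/home/alice/.ssh/id_example" "$base/home/alice/www/index.html"
    chmod 711 "$base/bin"
    chmod 755 "$base/bin/ls"
}

demo() {
    t=$(mktemp -d)
    build_sample_tree "$t"
    echo "Homes reachable by other users before the fix:"
    exposed_homes "$t/home"
    lock_down_homes "$t/home"
    echo "Homes reachable by other users after chmod 700:"
    exposed_homes "$t/home"
    rm -rf "$t"
}

if [ "${1:-}" = "--demo" ]; then demo; fi
```

Run it with `sh audit.sh --demo` to see the before/after listing. The reachability walk is the part worth keeping: a file's own 644 mode says nothing about exposure until every directory above it has also been checked, which is exactly why chmod 700 on the home directory alone is enough for the thread's purpose, and why a 711 /bin still lets a 755 /bin/ls run.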