I m wondering about the best way to restrict a user after 
he has ssh'd into his web folder.

Up to now, the users I had were using only FTP 
to log into their web folder, 
and upload stuff in there
(chrooted in their folder with vsftpd).

I m considering giving ssh access but I realized that 
chroot for ssh looks quite involved.

So, I m wondering if using 'chmod o-r' 
for folders(and subfolders), and files on 
/etc, /home, /root, /usr and /var is a viable solution.

Restricting read privilege would allowed me to 
stop that user from copying files I don t want he copies, 
as well as listing directories I don t want he lists.

Still the user would be able to access system 
and other users' folders,  
but if he cannot do anything in there, 
then there is no point for him to do it.

What do you think?

The setup is a devuan server under jessie with apache2 providing
http server.
Then, I use php-fpm to tie user, web-server and php processes.
The passwd files is as below:

Dng mailing list

Reply via email to