I m wondering about the best way to restrict a user after
he has ssh'd into his web folder.
Up to now, the users I had were using only FTP
to log into their web folder,
and upload stuff in there
(chrooted in their folder with vsftpd).
I m considering giving ssh access but I realized that
chroot for ssh looks quite involved.
So, I m wondering if using 'chmod o-r'
for folders(and subfolders), and files on
/etc, /home, /root, /usr and /var is a viable solution.
Restricting read privilege would allowed me to
stop that user from copying files I don t want he copies,
as well as listing directories I don t want he lists.
Still the user would be able to access system
and other users' folders,
but if he cannot do anything in there,
then there is no point for him to do it.
What do you think?
The setup is a devuan server under jessie with apache2 providing
Then, I use php-fpm to tie user, web-server and php processes.
The passwd files is as below:
Dng mailing list