CJ,
Thanks! It's not that I don't trust my users, I just want to
avoid not having to =) I'm finding that ppl are more and
more dishonest when it comes to their Internet accounts.
Nathan Middleton
----- Original Message -----
From: C.J. Oster <[EMAIL PROTECTED]>
To: Nathan Middleton <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Friday, June 25, 1999 7:38 AM
Subject: Re: Home directories.
> First thing first... Upgrade to AT LEAST redhat 5.2. There are several
> VERY SERIOUS security holes in 4.0 and 4.2, and only a few easily fixable
> holes in a fresh 5.2 distro. Since redhat is free, do an ftp install of
> 6.0 from sunsite and you should be set. As for the telnet access, the
> installation hot off of the cd has adequate security for user accounts.
> That is users can't get into things that they shouldn't be able to. If
> you pay attention to the owner and groups of users home directories and
> their web directories, you shouldn't have a problem. If you really want
> to restrice things I think it's ksh that you can add a -r option to
> restrice things a little more. Users can't execute anything not in the
> standard search path (/bin /usr/bin /usr/sbin... etc), can't cd out of
> their home directory, and a few other things but I don't think that is
> neccissary if you only have a few users. A good philosophy is if you
> can't trust your users, then they shouldn't have access to your machines.
>
> -CJO-
>
> On Thu, 24 Jun 1999, Nathan Middleton wrote:
>
> >Hi!
> >
> >I've for sometime been offering FTP access to our
> >web server (we're a small ISP w/ maybe 5 user accounts
> >that have web sites). Anyways, I'd like to let my users
> >telnet into the server and make changes that way, but
> >I don't want them to be able to:
> > 1) go to any other directory than the ones that have
> > permissions for.
> >
> > 2) view other users contents. (1 mostly covers it)
> >
> >Could some kind sould point me in the direction to
> >where I could find out how to do this? I'm currently
> >running RH 4.0 on the server but would like to go to
> >either 5.2 or 6.0, any suggestions. Please no flames
> >about my choice of distro.
> >
> >Nathan Middleton
> >
> >
>
> C.J. Oster (Linux Guru/Surge Addict)
> ------------------------------------------------------------------
> | [EMAIL PROTECTED] | 1003 S. 1st St. | CCSO, WSG, UIUC |
> | [EMAIL PROTECTED] | Champaign, IL 61820 | L538 DCL, Urbana |
> | ---------------------------------------------------------------|
> | PGP: 87D5 4216 43A1 42D6 754D 8F5E 24B3 992A B7A1 F556 |
> ------------------------------------------------------------------
> (580)761-6393 (217)328-8934
> "Linux, for people with an IQ above 98" - Bumper Sticker
> "Hm, a little big for a cup holder... Why does it say '4x' on it?"
>
