I repeat: A lot depends on your FTP server. (What is it?) I think proftpd will let you restrict a user to one particular directory, and might even be able to arrange a chroot jail.
That would be highly secure -- as far as his login would be concerned, directories above the one he's chrooted into simply wouldn't exist. If you want to restrict him to one and only one directory and not even know others exist, chroot is what you want.
But, doing that depends on your FTP server.
Being able to create files in directories owned by root is normal if the directory is world-writable or he belongs to a group which is allowed to write to it. WARNING -- if he is able to create files in a directory, he may be able to delete files owned by anyone there as well! This is because file deletion is controlled by directory write permissions, not file ownership. (There are some obscure options in some filesystems to change this behavior.) An example in my home directory:
Make sure he doesn't belong to any groups he doesn't need to belong to.
Last edited by Corona688; 08-09-2010 at 01:37 PM..
Hello everybody!
I'm Fabian from Germany near Hannover.
I bought SuSE 7.1 before 3 days .
I want use SuSE as a PHPserver!
(My english is very bad)
Now my question:
Is SuSE or Rad Hat better for this problem? On my system is always run SuSE 7.1 now, but I think Rad Hat is better for this... (4 Replies)
I've had Linux when I was young, on one of our first computers and learned it pretty quickly... However, I've been working on Windows for about 7 years now and just made the switch back to Linux, Mandrake 9.1. So I have some problem with creating new user accounts. I could create one, but once I... (3 Replies)
I wonder whether someone can help me with what I'm trying to achieve
Basically, the objective is one script to create new user on more than 70 linux hosts if required.
Everything works apart from the highlighted part. It gave me an output
passwd: Unknown user name ''. when try to set... (35 Replies)
Hi Experts,
Need your support
Redhat 6.5
I want to create a user with all(read, write, execute) privileges except that user should not be able to create any new user from his login
to perform any task. (10 Replies)