On 08/12/2018 09:10 AM, KatolaZ wrote: > On Sun, Aug 12, 2018 at 01:55:00PM +0900, mett wrote: [snip]>> I m considering giving ssh access but I realized that >> chroot for ssh looks quite involved. >> >> So, I m wondering if using 'chmod o-r' >> for folders(and subfolders), and files on >> /etc, /home, /root, /usr and /var is a viable solution. > > Maybe use a restricted shell, allowing only the bunch of commands you > would like the users to be able to run. Beware of cat(s), though.
With restricted shell the main thing is to make a separate directory for the rshell user and replace $PATH with it so they can't access the normal directories. There you put links (symbolic or hard) to the original applications they are allowed to run, how ever few those are but the fewer the better. However, why vsftpd instead of using chrooted SFTP for the file transfers? /Lars _______________________________________________ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng