[Chugalug] Running multi sites on one(non virt) machine

Dave Brockman dave at brockmans.com
Mon Mar 17 14:53:59 UTC 2014


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 3/17/2014 9:55 AM, David White wrote:
> I really need a way to separate permissions and visibility from 1
> user's directory to another's (user X shouldn't be able to see user
> Y's stuff when they login via sFTP). Even though I have my user's
> stuff separated in different directories, any user - if they wanted
> to and knew how, could navigate _up_ the directory tree and then
> over into another user's folder.

I chroot the user to their own directory (which is one above their
website DocumentRoot) so they cannot walk the directory tree.  All
users are virtual, I haven't handed out actual system accounts in 20
years.

Regards,

dtb

- -- 
"Some things in life can never be fully appreciated nor understood
unless experienced firsthand. Some things in networking can never be
fully understood by someone who neither builds commercial networking
equipment nor runs an operational network." RFC 1925
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (MingW32)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQEcBAEBAgAGBQJTJwyHAAoJEMP+wtEOVbcd98MH/RA3WGzUjdhnc6mvEgVZbt0I
x6RC2H8MyhnffxZIgsBc71oIQ64l+Q/BwO476IW2kg3x9iop7oA54cvVBOaR4ibX
7KXpfL13osadFqcLnZbLnHF5Lkru4LcSoYxCBe8XiZUCXhcb8ZC4ev7pTBBy3M5b
cuaAw/Y20msYQVPzr1pmUojnMl2h6h3kaXLomSqIeMMUXqWiWp2cXnViZkK8rpi7
b3CZYsCRcpFd1QubSY4Q4a81E4NMD02DRzVVDO0twFtDg/XgVNTaAu/HIzuqfkmf
J6afpQpy22uDpeMpwx+ruhlsdY4gPAkIsSmEBukJwEE8mZ8MqBvUj1q0ZzK7a2E=
=9lLK
-----END PGP SIGNATURE-----


More information about the Chugalug mailing list