Mailinglist Archive: opensuse-security (685 mails)

< Previous Next >
Re: [suse-security] Login questions
Am 07.02.2002 15:18:21, schrieb Praise <praisetazio@xxxxxxxxxxxxx>:

>Il 12:06, giovedì 7 febbraio 2002, NP AE Ruslan Nesterov ha scritto:
>> Dear mail list members,
>>
>> I never thought that I'll face it but now I did. So my question is
>> really simple, I need to prevet a user going anywhere outside his home
>> catalog.
>> ex: user catalog is /home/bla
>> so he couldn't go to /home.
>> Also how to prevent user login in via telnet, ssh, but letting him log
>> in via ftp server. When I put /sbin/nologin. Ftp server is not allowing
>> to log in.
>> Any ideas?
>
>Set the default shell to /bin/false and they wont be able to login with
>telnet or ssh. But if you do not need them, turn them off!

And you can put him in a own group which is only able to access his
homedir, to prevent "traversal" and other tricks.

Michael Appeldorn



< Previous Next >
References