Limiting Access, can this be done?

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View


I am running CentOS.  I only use SFTP to transfer files to/from the
server.  I can log in using SSH, of course.

The problem is, one of my clients wants an employee to be able to
upload files to one of their Apache directories.  So, I've created a
user for them, but I want to limit access such that the user cannot go
anywhere else but that directory.

I've changed his home directory to be where the images will be
uploaded, but I can still change directories and look around.

Can this be done, limiting the users access to his home directory,
without destroying the Webserver from accessing the files??

Any help would be great....


Re: Limiting Access, can this be done?

Quoted text here. Click to load it

Don't use SSH for this. OpenSSH has had chroot cages published for
this before, by people like me, but they've never been accepted into
the main codeline. There are some published sort-of-hacks for it, but
they don't work well.

Instead, use WebDAV over HTTPS. This is robust and effective.

Site Timeline