[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Jailkit-users] User can view files outside his own chroot directory
From: |
Marcin Krol |
Subject: |
Re: [Jailkit-users] User can view files outside his own chroot directory |
Date: |
Thu, 27 Jun 2013 13:58:03 +0200 |
User-agent: |
Mozilla/5.0 (Windows NT 6.2; WOW64; rv:17.0) Gecko/20130509 Thunderbird/17.0.6 |
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Have you specified . (dot) in user's home directory as "jailkit
boundary" when adding user's home dir?
See here:
http://prabampm.wordpress.com/2012/07/17/how-to-create-jail-users-in-debiancentos-ssh-with-jailkit/
W dniu 6/27/2013 12:40, Jianzhou pisze:
> Hello rich,
>
> Thanks you for your quick reply.
>
> i follow the example & howto given on the jailkit website..
>
> here is how i setup jailkit . please review:
> ---------------------------------------
> http://pastebin.com/YfN6S8FG
>
>
> Server information ---------------------------------- the server is
> a 64 bit centos server 5.6.
>
>
> my /etc/passwd ---------------------------------
> bb4:x:501:501::/backup/jail/./home/bb4:/usr/sbin/jk_chrootsh
>
>
> Thanks alot.
>
>
>
> On Thu, Jun 27, 2013 at 6:24 PM, Richard Scott
> <address@hidden <mailto:address@hidden>>
> wrote:
>
> __
>
> Hi,
>
>
> A chrooted user can normally see all files inside the chroot. If
> you have it configured correctly you can't see the servers /etc
> folder inside the chroot.... if you can, then its not configured
> correctly.
>
> Hope that helps,
>
> Rich
>
> On 27/06/2013 09:36, Jianzhou wrote:
>
>> Hello,
>>
>> For example, the user is /home/ww1 he can view files &
>> directories in /home or even /etc when sftp to the server.
>>
>> Is this normal?
>>
>> I like to lock him to his own directory (/home/ww1) only.
>>
>>
>>
>> -- Best Regards, Jianzhou
>>
>> _______________________________________________ Jailkit-users
>> mailing list address@hidden
>> <mailto:address@hidden>
>> https://lists.nongnu.org/mailman/listinfo/jailkit-users
>
> _______________________________________________ Jailkit-users
> mailing list address@hidden
> <mailto:address@hidden>
> https://lists.nongnu.org/mailman/listinfo/jailkit-users
>
>
>
>
> -- Best Regards, Jianzhou
>
>
> _______________________________________________ Jailkit-users
> mailing list address@hidden
> https://lists.nongnu.org/mailman/listinfo/jailkit-users
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.20 (MingW32)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iQEcBAEBAgAGBQJRzCjLAAoJEFMgHzhQQ7hOf14H/RFB7y2Zn7TDHbcx1bTWuTbG
5w3IQ/fiagOenBXD/Rv5gSLQX2kvFkOQs94vJjoOa5Rj/CMyax5cjwzyo4KkiRGs
iJAvuYTbcFlR2IuDWj4kafDweGgEbmjGDJ9fDEkDe3vT/jz9JtfZMYlGJOocUPDA
9wUiJNgHKzKd+/DewX1YCpMIoDmzVBYx8Qo2rSX8SRyoNR1tgPAxPcU1srIAT3TH
oXk/EO8dujLNs6kvqxS3Wtixp95rllRDi6LymXjEJK2lhY+kg8HobNfO7GdYGYrk
TFrD2O2fT0z7OGwsqQiNN8+aVgTHXYUN/CneO0W0S5HJhedjamBtaIvvariGQs8=
=9qIm
-----END PGP SIGNATURE-----