jailkit-users
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Jailkit-users] User can view files outside his own chroot directory

From: Marcin Krol
Subject: Re: [Jailkit-users] User can view files outside his own chroot directory
Date: Thu, 27 Jun 2013 13:58:03 +0200
User-agent: Mozilla/5.0 (Windows NT 6.2; WOW64; rv:17.0) Gecko/20130509 Thunderbird/17.0.6 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Have you specified . (dot) in user's home directory as "jailkit
boundary" when adding user's home dir?

See here:

http://prabampm.wordpress.com/2012/07/17/how-to-create-jail-users-in-debiancentos-ssh-with-jailkit/



W dniu 6/27/2013 12:40, Jianzhou pisze:
> Hello rich,
> 
> Thanks you for your quick reply.
> 
> i follow the example & howto given on the jailkit website..
> 
> here is how i setup jailkit . please review: 
> --------------------------------------- 
> http://pastebin.com/YfN6S8FG
> 
> 
> Server information ---------------------------------- the server is
> a 64 bit centos server 5.6.
> 
> 
> my /etc/passwd --------------------------------- 
> bb4:x:501:501::/backup/jail/./home/bb4:/usr/sbin/jk_chrootsh
> 
> 
> Thanks alot.
> 
> 
> 
> On Thu, Jun 27, 2013 at 6:24 PM, Richard Scott 
> <address@hidden <mailto:address@hidden>>
> wrote:
> 
> __
> 
> Hi,
> 
> 
> A chrooted user can normally see all files inside the chroot. If
> you have it configured correctly you can't see the servers /etc
> folder inside the chroot.... if you can, then its not configured
> correctly.
> 
> Hope that helps,
> 
> Rich
> 
> On 27/06/2013 09:36, Jianzhou wrote:
> 
>> Hello,
>> 
>> For example, the user is /home/ww1 he can view files &
>> directories in /home or even /etc when sftp to the server.
>> 
>> Is this normal?
>> 
>> I like to lock him to his own directory (/home/ww1) only.
>> 
>> 
>> 
>> -- Best Regards, Jianzhou
>> 
>> _______________________________________________ Jailkit-users
>> mailing list address@hidden
>> <mailto:address@hidden> 
>> https://lists.nongnu.org/mailman/listinfo/jailkit-users
> 
> _______________________________________________ Jailkit-users
> mailing list address@hidden
> <mailto:address@hidden> 
> https://lists.nongnu.org/mailman/listinfo/jailkit-users
> 
> 
> 
> 
> -- Best Regards, Jianzhou
> 
> 
> _______________________________________________ Jailkit-users
> mailing list address@hidden 
> https://lists.nongnu.org/mailman/listinfo/jailkit-users
> 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.20 (MingW32)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQEcBAEBAgAGBQJRzCjLAAoJEFMgHzhQQ7hOf14H/RFB7y2Zn7TDHbcx1bTWuTbG
5w3IQ/fiagOenBXD/Rv5gSLQX2kvFkOQs94vJjoOa5Rj/CMyax5cjwzyo4KkiRGs
iJAvuYTbcFlR2IuDWj4kafDweGgEbmjGDJ9fDEkDe3vT/jz9JtfZMYlGJOocUPDA
9wUiJNgHKzKd+/DewX1YCpMIoDmzVBYx8Qo2rSX8SRyoNR1tgPAxPcU1srIAT3TH
oXk/EO8dujLNs6kvqxS3Wtixp95rllRDi6LymXjEJK2lhY+kg8HobNfO7GdYGYrk
TFrD2O2fT0z7OGwsqQiNN8+aVgTHXYUN/CneO0W0S5HJhedjamBtaIvvariGQs8=
=9qIm
-----END PGP SIGNATURE-----
reply via email to
[Prev in Thread] Current Thread [Next in Thread]