Directory access limit question
LuKreme
kremels at kreme.com
Wed May 30 06:40:43 PDT 2007
On 29-May-2007, at 09:15, Richard Peskin wrote:
> I have encountered a server where user directory access is limited
> in the following sense. Instead of "/" referring to the actual root
> directory, "/" refers to the user's home directory. That is, when
> the user accesses (for example) "/somedir", "somedir" is a
> directory found at the top level of the user's home directory, not
> a directory found under the real root.
That would be chroot, also sometimes referred to as a 'chroot jail'.
> How can one set up this sort of thing?
Well, for FTP access (or similar, AFP, WebDAV) it's pretty trivial.
For anything else (SSH, login) it's more complex. MUCH more complex,
unless something like rbash would work for you.
---cut
If bash is started with the name rbash, or the -r option is supplied
at invocation, the shell becomes restricted. A restricted shell is
used to set up an environment more controlled than the standard
shell. It behaves identically to bash with the exception that the
following are disallowed or not performed:
o changing directories with cd
o setting or unsetting the values of SHELL, PATH, ENV, or BASH_ENV
o specifying command names containing /
o specifying a file name containing a / as an argument to the .
  builtin command
o specifying a filename containing a slash as an argument to the -p
  option to the hash builtin command
o importing function definitions from the shell environment at startup
o parsing the value of SHELLOPTS from the shell environment at startup
o redirecting output using the >, >|, <>, >&, &>, and >>
  redirection operators
o using the exec builtin command to replace the shell with another
  command
o adding or deleting builtin commands with the -f and -d options to
  the enable builtin command
o using the enable builtin command to enable disabled shell builtins
o specifying the -p option to the command builtin command
o turning off restricted mode with set +r or set +o restricted.
These restrictions are enforced after any startup files are read.
When a command that is found to be a shell script is executed (see
COMMAND EXECUTION above), rbash turns off any restrictions in the
shell spawned to execute the script.
---cut
Note the huge importance of the last point there, as it means that a
rbash login can be set up to do, basically, anything you want done.
It just needs to be set up to do so in advance.
--
...when you're no longer searching for beauty or love, just some kind
of life with the edges taken off. When you can't even define what it
is that you're frightened of; this song will be here.
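
The following is an added example, not part of the original post: it builds a throwaway home directory, runs a few commands under `bash -r` with PATH limited to that home's bin/, and shows which ones the restricted shell blocks and that a script placed in bin/ in advance runs without the restrictions. The temporary directory layout, the probe commands and the wrapper name "report" are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example: build a throwaway restricted-shell environment and probe it.
# The directory layout and the "report" wrapper are assumptions (constructed).
bash_bin=$(command -v bash) || { echo "bash not found" >&2; exit 1; }

# Create a home whose bin/ holds the only command the account may run.
make_restricted_home() (
    home=$(mktemp -d) || exit 1
    mkdir "$home/bin"
    # Wrapper script: it executes in a fresh, unrestricted shell, so the
    # cd that rbash itself refuses is allowed inside it.
    printf '#!%s\ncd / && echo "wrapper cwd: $PWD"\n' "$bash_bin" > "$home/bin/report"
    chmod 755 "$home/bin/report"
    echo "$home"
)

# Run one command line in a restricted bash started in home $1, with a clean
# environment and PATH set to $1/bin only. Prints the command's output
# (stdout and stderr) and returns its exit status.
run_restricted() (
    cd "$1" || exit 1
    env -i HOME="$1" PATH="$1/bin" "$bash_bin" -r -c "$2" 2>&1
)

# Try each probe and report whether the restricted shell let it through.
probe_all() {
    for cmd in 'cd /' '/bin/ls' 'echo x > out' 'PATH=/bin:/usr/bin' 'report'; do
        if out=$(run_restricted "$1" "$cmd"); then
            echo "allowed: $cmd -> $out"
        else
            echo "blocked: $cmd"
        fi
    done
}

home=$(make_restricted_home)
probe_all "$home"
rm -rf "$home"
```

Because anything reachable through PATH runs unrestricted, the contents of bin/ are the real policy: the directory and the account's startup files should be owned by root and not writable by the restricted user.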