[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Jailkit-users] Managing groups in the jail
From: |
Olivier Sessink |
Subject: |
Re: [Jailkit-users] Managing groups in the jail |
Date: |
Sun, 10 Sep 2006 23:08:49 +0200 |
User-agent: |
Thunderbird 1.5.0.5 (X11/20060812) |
Michael Belmont wrote:
> Now that I have created my jail and all of the users using jailkit,
> which works great on RedHat 4ES, what is the best way to create
> groups within the jail that have granular rights to sub directories
> under the jail root? Example: User1,user2 only have RW access to
> folder Job1, while User3 has RWE to folder Job1 and Job2. Easy enough
> in a non chrooted environment but I'm concerned about messing up the
> security of the chroot. Any help directing me to documentation or
> examples would be appreciated.
in directories other than the system directories like <jail>/bin and
<jail>/lib you can have any permissions you want without affecting the
security.
The only extra measure you can take is to mount a data partition in the
jail with nosuid,noexec options, so users can never upload executables
to a user or group writable area.
regards,
Olivier