Full Version: Keeping things safe
{XN}Boylett
Hi

I'm wondering, is there a way to run programs as 1 user, but not allow them to change directory and view directories higher than themselves?

So, for example:

I start a program in /home/blah
That program can access any files and folders in the /home/blah directory, however, it can't go up a directory.

Thanks.
michaelk
http://www.jmcresearch.com/projects/jail/

Google for chroot
{XN}Boylett
Hi

Thanks for the reply.

I tried using chroot, but it keeps telling me "No such file or directory"

chroot /home/user ./start.sh

and start.sh contains:
#!/bin/sh
nohup ./server &
michaelk
Try replacing ./ with the complete path.
{XN}Boylett
I get the same result.
michaelk
For the command and your script?
{XN}Boylett
I did some googling... apparently it's because there isn't a /bin/sh, so start.sh won't work. However, if I try starting server directly, it still doesn't work.

chroot /home/user /server

and server is a binary file

EDIT: I don't know if chroot is what I need.
I want the program to act as if its starting directory is its user's home directory, so it can't cd up but it can view all files in subdirectories etc.
michaelk
Have you looked at the URL I posted?
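
The "No such file or directory" error discussed in this thread, as an added example that is not part of any post: after chroot, /bin/sh is looked up inside the new root, and a dynamically linked program also needs its loader and shared libraries there. The function names are hypothetical; /home/user and /bin/sh follow the thread.

```shell
#!/bin/sh
# Added example: find and copy what a program needs inside a chroot.
# ldd can execute code from the file it inspects; use it on trusted binaries only.

# Print the absolute paths PROG needs under ROOT: its shared libraries,
# its ELF interpreter (ld-linux/ld-musl), and PROG itself unless it
# already lives inside ROOT.
chroot_deps() {
    root=${1%/}; prog=$2
    case $prog in
        "$root"/*) ;;                      # already inside the new root
        *) printf '%s\n' "$prog" ;;
    esac
    # A static binary makes ldd fail and yields no paths, which is correct.
    ldd "$prog" 2>/dev/null |
        awk '{ for (i = 1; i <= NF; i++) if ($i ~ /^\//) print $i }' |
        sort -u
}

# Print every needed path that does not exist under ROOT.
chroot_missing() {
    root=${1%/}; prog=$2
    chroot_deps "$root" "$prog" | while IFS= read -r f; do
        [ -e "$root$f" ] || printf '%s\n' "$f"
    done
}

# Copy every needed path into ROOT, keeping the same absolute path.
chroot_populate() {
    root=${1%/}; prog=$2
    chroot_deps "$root" "$prog" | while IFS= read -r f; do
        mkdir -p "$root$(dirname "$f")"
        cp -L "$f" "$root$f"               # -L: copy the file, not the symlink
    done
}
```

For the setup in the thread this would be `chroot_populate /home/user /bin/sh` followed by `chroot_populate /home/user /home/user/server`; `chroot_missing` with the same arguments should then print nothing.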