Webmin User with restricted Directory Access

7 posts / 0 new
Last post
#1 Thu, 04/23/2009 - 03:04
Circuit

Webmin User with restricted Directory Access

[color=#0000FF]Hi All,

Here is what I am trying to do,

I want to create a webmin user and provide him with the File Manager module only. Further, from the File Manager, I'd like to allow that webmin user to access a specific directory only.

I have created a webmin user with the File Manager module only. However, that webmin user can access all the directories. How do I enforce this restriction ?

Best Regards,[/color]

Thu, 04/23/2009 - 05:38
andreychek

Howdy,

The filemanager doesn't do any access control, it allows a user to view any file or directory that the filesystem allows them to.

You can lock things down a bit on the filesystem, but overall, a lot of files and directories on the system are (intentionally) world readable..

If that's a problem though, you might need to explore a different option, such as using FTP, and have the FTP client lock the user into a certain directory or directories.
-Eric

Thu, 04/23/2009 - 10:51 (Reply to #2)
Joe
Joe's picture

Actually, File Manager can do access control.

In Webmin->Webmin->Webmin Users, click on the username. Find File Manager in the list of modules. Edit "Chroot directory for entire file manager" and set it to /home/username. There are a bunch of other restrictions you can apply.

Most Webmin modules have pretty advanced ACL capabilities. See the docs for more on the subject:

http://doxfer.com/Webmin/WebminUsers

--

Check out the forum guidelines!

Thu, 04/23/2009 - 21:22
Circuit

[color=#0000FF]Hey thanks ! That was indeed great help .....[/color]

Thu, 07/09/2009 - 04:32
xoa

But what happens if a user upload with FTP a PHPFilebrowser, his own File Browser or something like this. In my case he can browse through the whole file system and can see password etc.

Thats horrible. How can I avoid this?

Thu, 07/09/2009 - 11:33 (Reply to #5)
andreychek

It looks like there's a duplicate of this post in another thread, I posted a followup over there:

https://www.virtualmin.com/node/10481

But Ronald's answer below is right on, passwords shouldn't be visible, and if that's the case, something else is wrong :-)

-Eric

Thu, 07/09/2009 - 11:30
ronald
ronald's picture

in that case something else (permission) may be wrong on your system. A normal user can not see sensitive information.

Topic locked