In article < XXXX@XXXXX.COM >,
The OP said 'Phil' is chrooted, but my interpretation was
that 'Bob' was not and needed to access files in Phil's directory.
I've stacked directories with chrooted users for a client where
the adminstrators come in at one level, and the users come in
at a level below them.
I'll just call them 'admin' and 'user' here.
Both admin and user have their own group TIDs in addtion to UIDs
And even the users could not write in the top couple of
subdirectories but could deeper down.
Admin gets their own directory. Users get their home chrooted
That user directory is chmod'ed 571 in the admin directory
with UID belonging to user and GID to admin.
This gives admin full ability to read/write directories in the user
Then in the subdirectories where users can read/write the
directorys are 770 and in submission only where admin can read
them but user can submit them, the owner is 'user' and group
is 'admin' with permission of 370. So they can write but can not
see what others have written.
So with the correct permissions and ownership you can really narrow
All of the above were ftp only sites - with the shell being
/bin/false - copied over from /usr/bin/false so all shells
would be in the same directory.
Bill Vermillion - bv @ wjv . com