Multi-User Security

From: David E. Meier (dev_at_eth0.ch)
Date: 05/17/04

  • Next message: Frankye - ML: "Re: Multi-User Security"
    Date: Mon, 17 May 2004 14:08:40 +0200 (CEST)
    To: freebsd-security@freebsd.org
    
    

    Hello list.

    I would like to get your opinion on what is a safe multi-user environment.
    The scenario:

    We would like to offer to some customers of ours some sort of network
    backup/archive. They would put daily or weekly backups from their local
    machine on our server using rsync and SSH. Therefore, they all have a user
    account on our server. However, we must ensure that they would absolutely
    not be able to access any data of each other at all.

    What is the "best and safest" way to do so? Regular UNIX permission
    settings? File system ACL's? User jails? Restricting commands in their
    path environment? Or would it even make sense to encrypt the file system?
    How would some of the solutions affect data backups/restore on our side?

    Any comment on this is welcome. Thanks. Dave.
    _______________________________________________
    freebsd-security@freebsd.org mailing list
    http://lists.freebsd.org/mailman/listinfo/freebsd-security
    To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"


  • Next message: Frankye - ML: "Re: Multi-User Security"

    Relevant Pages

    • Re: Multi-User Security
      ... > I would like to get your opinion on what is a safe multi-user environment. ... They would put daily or weekly backups from their local ... Or would it even make sense to encrypt the file system? ... if you're just doing backup/file access - shell access isn't ...
      (FreeBSD-Security)
    • Re: Multi-User Security
      ... > I would like to get your opinion on what is a safe multi-user environment. ... They would put daily or weekly backups from their local ... Or would it even make sense to encrypt the file system? ... > How would some of the solutions affect data backups/restore on our side? ...
      (FreeBSD-Security)