I installed Rails and Rubygems on a web server for a customer who wants
to install a Ruby on Rails application that he developped.
He needs SSH access to interact with Ruby, so I’ll have to grant him
access, but I want him to only play around in his /home directory, as
this server also hosts other customers. How could I do that?
Thanks,
Basic users in *nix systems are restrictied to only changing things in
their
home directory. Be sure not to put the user in any groups that are more
powerful (e.g. wheel)
~ Ben
On 12 Jan 2006, at 19:25, Charles wrote:
I installed Rails and Rubygems on a web server for a customer who
wants
to install a Ruby on Rails application that he developped.He needs SSH access to interact with Ruby, so I’ll have to grant him
access, but I want him to only play around in his /home directory, as
this server also hosts other customers. How could I do that?
Setup a Jailshell:
More secure, use Jailkit:
Or sell him a VM to play with 
Craig W. | t: +44 (0)131 516 8595 | e: [email protected]
Xeriom.NET | f: +44 (0)131 661 0689 | w: http://xeriom.net
On Thu, 2006-01-12 at 20:25 +0100, Charles wrote:
I installed Rails and Rubygems on a web server for a customer who wants
to install a Ruby on Rails application that he developped.He needs SSH access to interact with Ruby, so I’ll have to grant him
access, but I want him to only play around in his /home directory, as
this server also hosts other customers. How could I do that?
This is more of a question for a Unix user group not a Rails list. 
If you provide them SSH and have Ruby and RubyGems (with Rails
installed)… they should be able to play with it.
Robby
–
/**************************************************************
Hi all,
On Friday 13 January 2006 06:50, Robby R. tried to type something
like:
If you provide them SSH and have Ruby and RubyGems (with Rails
installed)… they should be able to play with it.
Or you can build a rail app to have them do so …
This was also meant seriously. I run a (small) hosting company, and have
people use rssh (rssh - restricted shell for scp/sftp). This is a child
forked
by ssh and therewith people can run sftp. A friend of mine runs
dreamwaver (a
win/flash dev app), and uploads with sftp very nicely.
So with a web app you can have people install gems, or you can provide
them
with a default set, and make them available yourself when requested.
Depending on the people who login on, the following is good to keep in
mind.
When people have access to a shell prompt over ssh, they’re past the
outside
perimiter (your firewall), and you have to keep a closer look at
software
exploits, rootkits and other flaws within your system.
A jailed ssh environment, can be done but has some angles, you should
look at.
regards,
Gerard.
Robby
–
“Who cares if it doesn’t do anything? It was made with our new
Triple-Iso-Bifurcated-Krypton-Gate-MOS process …”
My $Grtz =~ Gerard;
~
:wq!
This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.
Sponsor our Newsletter | Privacy Policy | Terms of Service | Remote Ruby Jobs