I’m trying to do the following:
Have two directories in FTP (dir1, dir2) There are two users, usr1 and usr2. usr1 has full access (read/write/execute) to dir1 and dir2. usr2 has access only to dir2, and cannot read/write/execute anything except for what’s in dir2.
It seems this has to be done through Unix Groups. So, I made two shell users (usr1 and usr2) and two groups (group_restricted and group_fullaccess) I then added usr1 to group_fullaccess and usr1 & usr2 to group_restricted. After that, I ssh into my webserver with usr1 and chgroup dir2 to group_restricted and chmod it so group users have write permissions (775) and add a shortcut to the directory. Yay, it works, usr2 can go into the shortcut and upload/view/download files from the directory Now here comes my problem…
I realize usr2 can cd up one level, and actually browse all of the folders on the server. The knowledgebase article addresses this, and says I need to change all of the other folders/files to group_fullaccess using GID bit. I do this, but… usr2 can still read all of the files, even though they’re not a member of group_fullaccess.
What am I missing? Did I need to chmod after setting the GID bit? If so, what do I chmod it to so my website still works? Any help would be GREATLY appreciated. Thanks!