I just noticed, that any user that is defined on the DiskStation has access to everything on the DiskStation (or at least more importantly every shared folder) via SSH/SFTP, regardless of the permissions settings in the DSM.
Doesn't this pose a potential security risk, when you have to maintain your DiskStation via SSH? (Or want to access it otherwise via SSH/SFTP.)
SSH: all defined users have access to everything
2 posts
• Page 1 of 1
SSH: all defined users have access to everything
by Spooky » Fri Jan 13, 2012 12:55 pm
- Spooky
- Student
- Posts: 62
- Joined: Tue Aug 02, 2011 10:54 am
Re: SSH: all defined users have access to everything
by Jera » Mon Apr 23, 2012 4:37 pm
I found this and found a really helpful thread on here regarding setting permissions from the command line.
Here is the thread- viewtopic.php?f=160&t=25015
And here is the relevant bit that helped me-
Hope this helps!
Here is the thread- viewtopic.php?f=160&t=25015
And here is the relevant bit that helped me-
Personally - I haven't stuck to the web interface because it is fairly cumbersome and so have used SSH to access the DiskStation as root.
When you are this user you are all powerful and you can issue the following commands to restrict access to folders:
Code: Select all
chown -R user.group /volume1/homes/user-folder
where user, group and user-folder obviously need to be amended to what you want.
Then you can issue a:
Code: Select all
chmod -R 700 /volume1/homes/user-folder
restricting the access to the folder to just the user specified above.
Hope this helps!
- Jera
- I'm New!
- Posts: 5
- Joined: Wed Jan 11, 2012 1:26 am
2 posts
• Page 1 of 1
Return to Security/Secured Mods
Who is online
Users browsing this forum: No registered users and 0 guests