I just noticed that my webhosting clients, when using telnet, are not limited in only thier directories- but can go
through any directory. The server limits them from writing to any file, but not from reading. This seems like a real security problem. I want to offer shell access to my clients, but not at the cost of security for everyone. Is there a way to provent users from going into directories (other than thier own hosting directories)?
Thanks for your help,
DK

This has been discussed here in length (do a search for telnet jail).

There is no easy way to limit shell access without giving up some functionality at some level. You either have to create a chrooted or jailed environment or use some file permission approaches that cause problems with group access to files.

Why do they need shell access????

Since I've installed Secure Copy (a SSH solution for a more secure FTP protocol) the clients will also have Telnet access by default since they both go through SSH.

Thus this is a case where you will need to give clients Telnet access.

Anyone else got a more definite method of Telnet/FTP?