From owner-freebsd-questions Wed Sep 8 1:56:23 1999 Delivered-To: freebsd-questions@freebsd.org Received: from pasha.anand.org (pasha.anand.org [199.103.176.41]) by hub.freebsd.org (Postfix) with SMTP id 374AB15AEE for ; Wed, 8 Sep 1999 01:56:07 -0700 (PDT) (envelope-from arb@anand.org) Received: (qmail 14920 invoked by uid 1001); 8 Sep 1999 08:55:27 -0000 Date: Wed, 8 Sep 1999 11:55:27 +0300 From: Anand Buddhdev To: "Francis A. Vidal" Cc: FreeBSD Questions Subject: Re: restricted FTP-only user Message-ID: <19990908115527.J14237@africaonline.co.ke> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.95.6i In-Reply-To: ; from Francis A. Vidal on Wed, Sep 08, 1999 at 04:08:56PM +0800 Organisation: Africa Online Ltd, P O Box 63017, Nairobi, Kenya X-Phone: +254-2-243775 X-WWW-Homepage: http://www.anand.org X-Duties: SysAdmin, Hostmaster, Postmaster, Programmer, Support Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Wed, Sep 08, 1999 at 04:08:56PM +0800, Francis A. Vidal wrote: > hi all, > > i'm setting up an account for some staff to be able to upload files to the > web server. i want them to be chrooted to the DocumentRoot of the > webserver and will have no shell access except FTP access. Create the account, and make its home directory the DocumentRoot of your webserver. Then put the account name in the file /etc/ftpchroot. Also, give this account a shell like /sbin/nologin, and make sure /sbin/nologin has an entry in /etc/shells (to allow FTP logins). > i also don't want them to delete files made by root inside the > DocumentRoot area. how can i do that? Make the document directory sticky. chmod +t > is it also possible to move the /cgi-bin/ directory to the DocumentRoot > area? what are the security implications? Don't know. I don't work much with web servers. -- See complete headers for more info To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message