From owner-freebsd-security Wed May 9 0:26: 5 2001 Delivered-To: freebsd-security@freebsd.org Received: from ringworld.nanolink.com (ringworld.nanolink.com [195.24.48.13]) by hub.freebsd.org (Postfix) with SMTP id 16E4637B422 for ; Wed, 9 May 2001 00:26:02 -0700 (PDT) (envelope-from roam@orbitel.bg) Received: (qmail 10712 invoked by uid 1000); 9 May 2001 07:25:31 -0000 Date: Wed, 9 May 2001 10:25:31 +0300 From: Peter Pentchev To: "Gounder, Sami [IBM GSA]" Cc: Igor Podlesny , "'freebsd-security@FreeBSD.org'" Subject: Re: Preventing FTP user accessing other directories Message-ID: <20010509102531.A3400@ringworld.oblivion.bg> Mail-Followup-To: "Gounder, Sami [IBM GSA]" , Igor Podlesny , "'freebsd-security@FreeBSD.org'" References: <695D40B5EDD1D3118AB900508B08E9C8020EA60C@NTMSG0084> <6693506465.20010509152531@morning.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <6693506465.20010509152531@morning.ru>; from poige@morning.ru on Wed, May 09, 2001 at 03:25:31PM +0700 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Wed, May 09, 2001 at 03:25:31PM +0700, Igor Podlesny wrote: > > are you aware of CHROOT capabilities? lots of FTP daemons can lock > user inside chrooted area... ProFTPd also allows easy configuration > similar to Apache syntax rules for every dir and so on. > > > We need to setup FTP for users to copy files from our UNIX box. Is there a > > way to restrict each user to a directory and sub-directories below it > > without removing OTHERS permission everywhere else? If you're using the FTP server that comes with FreeBSD (/usr/libexec/ftpd), do 'man ftpd' and look for 'chroot' or '/etc/ftpchroot'. G'luck, Peter -- Do you think anybody has ever had *precisely this thought* before? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message