From owner-freebsd-isp  Thu Jun  6 20:31:42 1996
Return-Path: owner-isp
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.5/8.7.3) id UAA23539
          for isp-outgoing; Thu, 6 Jun 1996 20:31:42 -0700 (PDT)
Received: from lynx.its.unimelb.edu.au (lynx.its.unimelb.EDU.AU [128.250.20.151])
          by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id UAA23513
          for <freebsd-isp@FreeBSD.org>; Thu, 6 Jun 1996 20:31:30 -0700 (PDT)
Received: (from danny@localhost) by lynx.its.unimelb.edu.au (8.6.11/8.6.9) id NAA04560; Fri, 7 Jun 1996 13:30:47 +1000
Date: Fri, 7 Jun 1996 13:30:46 +1000 (EST)
From: "Daniel O'Callaghan" <danny@lynx.its.unimelb.edu.au>
To: "Mel Lester Jr." <meljr@connet80.com>
cc: Rick Gray <rickg@nwpros.com>, freebsd-isp@FreeBSD.org
Subject: Re: Anon FTP
In-Reply-To: <Pine.BSF.3.91.960606093110.3125A-100000@connet80.com>
Message-ID: <Pine.BSI.3.91.960607132311.4546A-100000@lynx.its.unimelb.edu.au>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-isp@FreeBSD.org
X-Loop: FreeBSD.org
Precedence: bulk



On Thu, 6 Jun 1996, Mel Lester Jr. wrote:

> On Thu, 6 Jun 1996, Rick Gray wrote:
> 
> > I have searched the data base on the freebsd.org home page and can't 
> > find my answer so here goes...

[lots of good stuff deleted]

> create a final subdirectory under the ftp home directory called pub and
> make it's mode 777.  User ftp owns this directory.  Files may than be
> placed or retrieved from this directory by anonymous ftp or your regular
> users. 

I would recommend against 777 for pub.  To my thinking, pub should be 
755, owned by root or ftpadmin.  pub should not be writable by user ftp.
To have an incoming directory, 
mkdir incoming; chown ftpadmin incoming; chmod 733 incoming

This creates an incoming dir which people can place files in, but they 
can't see the files in it.  Stops people from deleting others' uploads, 
and from using your server as a dropoff point without your cooperation.

You can also have a secret places directory for users to pick up files 
only they know about.

# mkdir ~ftp/private ; chmod 711 ~ftp/private
# mkdir ~ftp/private/jane ; chmod 777 ~ftp/private/jane

Jane can now (as user ftp) cd /private/jane, because she knows that it
exists.  Fred does not know about /private/jane, and if Fred does a cd
/private; LIST, he won't be able to see the existence of ./jane

Of course, wu-ftpd's guest class of user achieves this with passwords for 
guest accounts.

Danny