Date: Mon, 08 Dec 2014 16:34:34 -0500 From: Lowell Gilbert <freebsd-questions-local@be-well.ilk.org> To: questions@freebsd.org Subject: Re: File Transfer Protocol ftpd(8) Message-ID: <44egs93jx1.fsf@be-well.ilk.org> In-Reply-To: <DUB126-W32D7E2BF46190FDDA753A5B0670@phx.gbl> (helen ly's message of "Mon, 8 Dec 2014 00:19:52 %2B0100") References: <DUB126-W32D7E2BF46190FDDA753A5B0670@phx.gbl>
next in thread | previous in thread | raw e-mail | index | archive | help
helen ly <onoffon@live.it> writes:
> i installed ftpd an run with ftpd -D and
> I edit ftpchroot with each user can access the files on their home-directory (users=moon and sun)
> and i created /World directory
> there is a Group called friends and friends Group member moon and sun
> how to only the users that belong to the friends Group shoudd be able to access the /World directory
Normally, chroot is something you use when you want a user account to
access its own home directory and nothing else.
How to give your users the access you wish can be done in a number of
different ways, all of which have different security implications.
1) You can skip the chroot and use normal permissions to give the
appropriate access.
2) You can keep the chroot and mount the common directory into the
users' home directories via NFS or a nullfs or something along that
line.
3) You can put the users in a jail created specifically for them, so
the jail can be locked down without annoying the other users or
programs running on the overall system.
There are probably other choices as well. For one thing, you could check
into alternative FTP daemons or even alternative protocols.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?44egs93jx1.fsf>