From owner-freebsd-questions Sat Oct 26 8: 9: 5 2002 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3CA7637B401 for ; Sat, 26 Oct 2002 08:09:04 -0700 (PDT) Received: from be-well.ilk.org (lowellg.ne.client2.attbi.com [24.147.188.198]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7025143E3B for ; Sat, 26 Oct 2002 08:09:03 -0700 (PDT) (envelope-from freebsd-questions-local@be-well.no-ip.com) Received: from be-well.ilk.org (lowellg.ne.client2.attbi.com [24.147.188.198] (may be forged)) by be-well.ilk.org (8.12.6/8.12.5) with ESMTP id g9QF8xqB036467 for ; Sat, 26 Oct 2002 11:08:59 -0400 (EDT) (envelope-from freebsd-questions-local@be-well.no-ip.com) Received: (from lowell@localhost) by be-well.ilk.org (8.12.6/8.12.6/Submit) id g9QF8xDp036464; Sat, 26 Oct 2002 11:08:59 -0400 (EDT) X-Authentication-Warning: be-well.ilk.org: lowell set sender to freebsd-questions-local@be-well.ilk.org using -f To: freebsd-questions@freebsd.org Subject: Re: Setting permissions for a user References: From: Lowell Gilbert Date: 26 Oct 2002 11:08:58 -0400 In-Reply-To: Message-ID: <444rb9b5kl.fsf@be-well.ilk.org> Lines: 11 User-Agent: Gnus/5.09 (Gnus v5.9.0) Emacs/21.2 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Adam Bender writes: > I would like to create an account to be used for FTP. Since the password > will be known by a couple people / could be sniffed since it's not sftp, I > would obviously like to limit the powers of this user as much as possible. > Specifically, I would like it to be able to create and read files in it's > own directory, and that's it. No execution capabilities, unable to read > files not in its directory, etc. What's the best way to do this? Chroot it within ftp (read the ftpd man page, natch) and give the account an invalid shell. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message