From owner-freebsd-questions Tue Jun 11 08:34:24 1996 Return-Path: owner-questions Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id IAA07788 for questions-outgoing; Tue, 11 Jun 1996 08:34:24 -0700 (PDT) Received: from mistery.mcafee.com (jimd@mistery.mcafee.com [192.187.128.69]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id IAA07765 for ; Tue, 11 Jun 1996 08:34:16 -0700 (PDT) Received: (from jimd@localhost) by mistery.mcafee.com (8.6.11/8.6.9) id IAA10897; Fri, 11 Jun 2010 08:28:47 -0700 From: Jim Dennis Message-Id: <201006111528.IAA10897@mistery.mcafee.com> Subject: Re: Restrict ftp To: dwhite@resnet.uoregon.edu Date: Fri, 11 Jun 110 08:28:47 -0700 (PDT) Cc: jalves@bsi.com.br, questions@freebsd.org In-Reply-To: from "Doug White" at Jun 11, 96 02:40:42 am X-Mailer: ELM [version 2.4 PL24] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-questions@freebsd.org X-Loop: FreeBSD.org Precedence: bulk > > On Sat, 8 Jun 1996, Joao Alves Junior wrote: > > > Could anyone tell me if there are some way to close the users of ftp in a > > /home/username ???? > > I want that the users of my machine can just work in yours areas. > > Users that login through ftp have the same permissions as if they > telnetted in and used their shell account. If your permissions are set > right then they can't do any more damage than they could from their > normal login. > > You may be able to hack something with wu-ftpd; it's pretty > configurable. I'm not a wu-ftpd guru so I can't say for sure, though. Nothing needs to be *hacked* -- just read the man pages, add all of the users that you wish to restrict to some group (like 'ftponly'). Add the group to your /etc/group file and list that group in your ftpaccess file with a 'guestgroup' directive. You can then use wu-ftpd's features to force all ftp access by members of this group into suitably configured chroot'd environments. It's all in the man pages (somewhere) and wu-ftpd is covered pretty thoroughly in O'Reilly's _Managing_Internet_Information_ _Services_ (the "marmot" book). Jim Dennis, System Administrator, McAfee Associates