Date: Mon, 21 Aug 2000 19:43:51 +0000 From: Alan Clegg <abc@bsdi.com> To: Bill Bunnell <bbunnell@tutsys.com> Cc: freebsd-questions@freebsd.org Subject: Re: Jailed environment for FTP users Message-ID: <20000821194351.B62434@diskfarm.firehouse.net> In-Reply-To: <45BA125AAE48D311B03D00508B0CA96AC6CFB3@itsmail.tutsys.com>; from bbunnell@tutsys.com on Fri, Aug 18, 2000 at 10:15:16AM -0700 References: <45BA125AAE48D311B03D00508B0CA96AC6CFB3@itsmail.tutsys.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Out of the ether, Bill Bunnell spewed forth the following bitstream:
> Can I have some help setting up a secure FTP environment. What I am looking
> to do is have users log into my FTP server and then not be able to CD
> (change directory) back to Root. I also do not want people to be able to
> upload files.
>
> What files need to be edited and in what way?
'man ftpd' look for the section that reads in part:
5. If the user name appears in the file /etc/ftpchroot, or the
user is a member of a group with a group entry in this file,
i.e. one prefixed with `@', the session's root will be changed
to the user's login directory by chroot(2) as for an
``anonymous'' or ``ftp'' account (see next item). This facil-
ity may also be triggered by enabling the boolean "ftp-chroot"
capability in login.conf(5). However, the user must still
supply a password. This feature is intended as a compromise
between a fully anonymous account and a fully privileged ac-
count. The account should also be set up as for an anonymous
account.
AlanC
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000821194351.B62434>