Date: Mon, 15 Mar 1999 17:23:49 -0800 (PST) From: Dan Busarow <dan@dpcsys.com> To: "Michael T. Gray" <mtg@dmi.net> Cc: "freebsd-questions@FreeBSD.ORG" <freebsd-questions@FreeBSD.ORG> Subject: Re: FTP Daemon security Message-ID: <Pine.BSF.3.96.990315172145.11199B-100000@java.dpcsys.com> In-Reply-To: <199903152214.OAA02613@netra.dmi.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 15 Mar 1999, Michael T. Gray wrote: > I have a FreeBSD web server using Apache. My clients have websites that > they update themselves. I have them use an FTP client. I use the standard > FPT Daemon. > > The problem I have: > - they can read and write their files .... OK > - they can not read or write or even see any other files .... OK > - they can look at any directory on my server .... not OK > can't see files though .... OK > > I'm not quite sure where to start to solve this problem. Any ideas would be > greatly appreciated. Put all website users in the same group, say wwwusers and then add @wwwusers to /etc/ftpchroot Or you can list eash user id in ftpchroot. If you build ftpd with builtin ls you do not need to add any support files to their home directories. Dan -- Dan Busarow 949 443 4172 Dana Point Communications, Inc. dan@dpcsys.com Dana Point, California 83 09 EF 59 E0 11 89 B4 8D 09 DB FD E1 DD 0C 82 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.990315172145.11199B-100000>