From owner-freebsd-questions Mon Mar 15 17:24:15 1999 Delivered-To: freebsd-questions@freebsd.org Received: from java.dpcsys.com (java.dpcsys.com [206.16.184.7]) by hub.freebsd.org (Postfix) with ESMTP id 0D3721540C for ; Mon, 15 Mar 1999 17:24:13 -0800 (PST) (envelope-from dan@dpcsys.com) Received: from localhost (dan@localhost) by java.dpcsys.com (8.9.1a/8.9.1) with SMTP id RAA29442; Mon, 15 Mar 1999 17:23:49 -0800 (PST) Date: Mon, 15 Mar 1999 17:23:49 -0800 (PST) From: Dan Busarow To: "Michael T. Gray" Cc: "freebsd-questions@FreeBSD.ORG" Subject: Re: FTP Daemon security In-Reply-To: <199903152214.OAA02613@netra.dmi.net> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Mon, 15 Mar 1999, Michael T. Gray wrote: > I have a FreeBSD web server using Apache. My clients have websites that > they update themselves. I have them use an FTP client. I use the standard > FPT Daemon. > > The problem I have: > - they can read and write their files .... OK > - they can not read or write or even see any other files .... OK > - they can look at any directory on my server .... not OK > can't see files though .... OK > > I'm not quite sure where to start to solve this problem. Any ideas would be > greatly appreciated. Put all website users in the same group, say wwwusers and then add @wwwusers to /etc/ftpchroot Or you can list eash user id in ftpchroot. If you build ftpd with builtin ls you do not need to add any support files to their home directories. Dan -- Dan Busarow 949 443 4172 Dana Point Communications, Inc. dan@dpcsys.com Dana Point, California 83 09 EF 59 E0 11 89 B4 8D 09 DB FD E1 DD 0C 82 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message