From owner-freebsd-security Sat Apr 24 15:36:49 1999 Delivered-To: freebsd-security@freebsd.org Received: from acetylene.vapornet.net (acetylene.vapornet.net [209.100.218.11]) by hub.freebsd.org (Postfix) with ESMTP id B03E6151E1 for ; Sat, 24 Apr 1999 15:36:47 -0700 (PDT) (envelope-from john@vapornet.net) Received: from datapit.home.vapornet.net (vapornet.xnet.com. [205.243.141.107]) by acetylene.vapornet.net (8.9.3/8.9.3/VaporServer 2.01) with ESMTP id RAA04550; Sat, 24 Apr 1999 17:36:52 -0500 (CDT) (envelope from: john@vapornet.net) Received: from habanero.chili-pepper.net (habanero.chili-pepper.net [192.168.0.11]) by datapit.home.vapornet.net (8.9.3/8.9.3/VaporServer 1.4) with ESMTP id RAA10907; Sat, 24 Apr 1999 17:37:10 -0500 (CDT) (envelope from: john@vapornet.net) Received: (from john@localhost) by habanero.chili-pepper.net (8.9.3/8.9.3/VaporClient v3.1) id RAA08751; Sat, 24 Apr 1999 17:36:40 -0500 (CDT) (envelope from: john@vapornet.net) From: John Preisler MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Date: Sat, 24 Apr 1999 17:36:40 -0500 (CDT) To: erik Cc: freebsd-security@FreeBSD.ORG Subject: Re: limit ftp users to their homedir In-Reply-To: <3.0.6.32.19990425001944.00904430@chapman.karlskrona.se> References: <3.0.6.32.19990425001944.00904430@chapman.karlskrona.se> X-Mailer: VM 6.43 under 20.4 "Emerald" XEmacs Lucid Message-ID: <14114.18124.843396.946822@habanero.chili-pepper.net> Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org add their login to /etc/ftpchroot or add the boolean "ftp-chroot" capability in login.conf as per the ftpd man page. -j erik writes: > > is there a way to deny a registered user access to anything but his own > homedirectory? > > it would be nice if it was the same as with anonymous access.. ie. users > who cwd to "/" , > really enters the virtual ftp root instead of the real system root. > > is this possible to do with _none anonymous_ users? > > for example: > > in a normal setup, when user foo ftps to the system, the initial directory > will be > his homedirectory. when (for some reason) he cwd to "/" he will enter the > real system root. > can you limit him to only access his own stuff, ie. a cwd to / will bring > him to /home/fred. > > any suggestions appreciated! > > /erik > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message -- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message