Date: Tue, 31 Aug 2004 17:44:18 +0100 From: Matthew Seaman <m.seaman@infracaninophile.co.uk> To: lycanthrope <lycanthrope@post.htnet.hr> Cc: freebsd-questions@freebsd.org Subject: Re: FTP server Message-ID: <20040831164418.GB34798@happy-idiot-talk.infracaninophile.co.uk> In-Reply-To: <001401c48f73$feb2fad0$1205a8c0@jkhahhytncost7> References: <001401c48f73$feb2fad0$1205a8c0@jkhahhytncost7>
next in thread | previous in thread | raw e-mail | index | archive | help
--Yylu36WmvOXNoKYn
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Tue, Aug 31, 2004 at 06:03:02PM +0200, lycanthrope wrote:
> I'm trying to set up FTP server. I enable the line in inetd, created a us=
er ftp in group ftp. now, the ftp user and anonymous can log into FTP, and =
download. BUT, anonymous user can ALSO UPLOAD. how to restrict anonymous ac=
count to downloading only?
The simplest thing to do is to make the anonymous FTP area readable by
the ftp UID, but not writable. Assuming your ftp user also has ftp as
it's primary group:
# chown -R root:ftp ~ftp/pub
# chmod -R o+rwX,g-w+rX,o-rwx ~ftp/pub
should do the trick, assuming you're going by the comments towards the
end of ftpd(8) man page on how to lay out the anonymous FTP area.
If you need to create a group 'ftp' use:
# pw group add -n ftp -g 21 -M root
and to make that the primary group of the ftp user:
# pw user mod -n ftp -g ftp
Cheers,
Matthew
--=20
Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks
Savill Way
PGP: http://www.infracaninophile.co.uk/pgpkey Marlow
Tel: +44 1628 476614 Bucks., SL7 1TH UK
--Yylu36WmvOXNoKYn
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (FreeBSD)
iD8DBQFBNKriiD657aJF7eIRAkwdAJ9YrXIhbX90qnlsb1/K9hoxxN0HswCeJYdJ
wRhmypcn3OUXliQsLKvS+6g=
=HA8l
-----END PGP SIGNATURE-----
--Yylu36WmvOXNoKYn--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040831164418.GB34798>