by webmaste » Mon, 13 Mar 2000 04:00:00
I'm looking for HOW (Linux 6.1's versions) to restrict (i.e. set the
root directory)
for someone FTP'ing to thier account on my system so they can't "wander"
once they are
in.
I KNOW this can be done, but I'm not sure where to find a "How To.." for
setting
this up.
HELP!!!
Please email or post
Thanks in advance
cg
by David Cunningha » Tue, 14 Mar 2000 04:00:00
In general there are a few things to change to get the desired behavior.
Let's say we want to restrict user access for user david to his home
directory (/home/david). Then the following must be done:
1. Copy all the ftp binaries into his home directory, "cp -a /home/ftp/*
/home/david" (The -a preserves the permissions and does recursive copy.)
2. Edit the /etc/ftpaccess file. At the bottom of this file I have added
"guestuser" entries for each user that is not "anonymous". Here's an
example:
guestuser david
guestuser chuck
guestuser dhaight
...
3. Edit the /etc/passwd file so that the home directory and "initial"
directory is specified. The idea here is that the home directory is now the
ftp root and the initial directory is the directory the user will see when
first logging in. Here's an example passwd entry for david.
david:x:500:500::/home/david/./pub:/bin/bash
Notice the /./ in between david and pub? This is a seperator. FTP root is
on the left side and initial directory is on the right side. This means
that when user david logs in via FTP, he will automatically end up in
/home/david/pub. But since /home/david is set as the FTP root, he won't be
able to cd up above /home/david. In fact the contents of /home/david will
look like the root directory to the FTP user. And of course /home/david/pub
will look like /pub to him.
4. Okay. Now that all the changes are done, go ahead and test it. If you
have other customization concerns be sure to look at the resources I've
outlined above. In many ways the docs included with an app are like
"how-tos".
--
<|>/\\/|<|>
> I'm looking for HOW (Linux 6.1's versions) to restrict (i.e. set the
> root directory)
> for someone FTP'ing to thier account on my system so they can't "wander"
> once they are
> in.
> I KNOW this can be done, but I'm not sure where to find a "How To.." for
> setting
> this up.
> HELP!!!
> Please email or post
> Thanks in advance
> cg
by Hudson Hallenbec » Tue, 14 Mar 2000 04:00:00
> I'm looking for HOW (Linux 6.1's versions) to restrict (i.e. set the
> root directory)
> for someone FTP'ing to thier account on my system so they can't "wander"
> once they are
> in.
> I KNOW this can be done, but I'm not sure where to find a "How To.." for
> setting
> this up.
> HELP!!!
> Please email or post
> Thanks in advance
> cg
restricted-uid username
to the ftpaccess file in /etc This will restrict the user to their home
directory during ftp sessions. It doesn't keep them from telnetting in
though which depending on your situation may be annother concern
1. Question: Restricting dir movement for FTP users
Hi all
I would like to stop a normal user account from leaving their home
directory when logged in using FTP? ie they cant cd ..
Can this be done?
Thanks in advance
Shaun
3. WU-FTP and restricted FTP accounts
5. ftp: restricting to ftp dir
6. Multiport card / Com Server for Linux
7. restricted shell/restricting login
8. PC/Linux Sparc2 vs. Clone/SunOs 4.1.3
9. restricted shell or restricted access
10. how to restrict maximum login attempts for a restricted website in apache server
11. restricted shell - not so restrict
12. Restricting GET restricts HEAD too?
13. Restricting file visibility to guest ftp logins