WU-Ftpd Security Help Needed?

Post by Chris LeFebvr » Thu, 09 Nov 2000 04:00:00



   We'd set up an ftp server using Red Hat 6.2 and WU-Ftpd, then when
we'd set up individual users, when they logged in they had access to cd
to just about anywhere and could see and download files from the other
users' home directories. I got the WU-Ftpd guest how to and followed the
various steps outlined to restrict the ftp users and that worked fine,
but now I've run into a couple other problems that I need help to fix.
First is that they now can't delete files out of their own ftp directory
where they could before. The second and more serious problem is that
when I ftp in as the user with the Windows dos based ftp program and I
perform the 'ls' command I get what you would expect, a list of the
files in their root directory which is actually /ftp/<user>. However,
when I ftp in with a graphical ftp program like FTP Voyager, I connect
to the server but it fails to show any files when there are actually
some there. Watching the commands that the program is trying to perform
I see it issuing /bin/ls; their user directory, which is chroot, does have
a bin directory and there is a link in there to ls. The How To does
mention that if you can't see the directory contents after you login as
the guest user, the 'ls' program that you installed is not working but
doesn't really go into how you fix the problem. Can anyone give me some
help here and either tell me how to fix this or point me to a document
that will?

Thanks,
Chris LeFebvre

 
 
 

Post by Yo » Sun, 12 Nov 2000 04:00:00



>   We'd setup an ftp server using Red Hat 6.2 and WU-Ftpd, then when

Wu-ftp is real buggy, you might want to look at something else.  Make sure you
keep up with updates, or you will be surprised one day.

>we'd set up individual users when they logged in they had access to cd
>to just about anywhere and could see and download files from the other
>users home directories. I got the WU-Ftpd guest how to and followed the
>various steps outlined to restrict the ftp users and that worked fine
>but now I've run into a couple other problems that I need help to fix.
>First is that they now can't delete files out of their own ftp directory
>where they could before. The second and more serious problem is that

Do you have this line?
delete          yes              guest

Posting your ftpaccess file would go a long way in getting you some help.

>when I ftp in as the user with the Windows dos based ftp program and I
>perform the 'ls' command I get what you would expect, a list of the
>files in their root directory which is actually /ftp/<user>. However
>when I ftp in with a graphical ftp program like FTP Voyager, I connect
>to the server but it fails to shows any files when there are actually
>some there. Watching the commands that the program is trying to perform
>I see it issuing /bin/ls, their user directory which is chroot does have
>a bin directory and there is a link in there to ls. The How To does
>mention that if you can't see the directory contents after you login as
>the guest user, the 'ls' program that you installed is not working but
>doesn't really go into how you fix the problem. Can anyone give me some
>help here and either tell me how to fix this or point me to a document
>that will.

Why assume there is a problem with the server?  It works with one client and
not the other, which would make me think there was a problem with the client.  Try some
other clients, maybe turn up logging for ftp (in inetd.conf).

joe

[A copy of the headers and the PGP signature follow.]

Date: Sat, 11 Nov 2000 11:28:56 -0500
Newsgroups: comp.os.linux.security


Subject: Re: WU-Ftpd Security Help Needed?
X-newsgroup: comp.os.linux.security
X-realname: Chris LeFebvre

--
#!/bin/sh
echo $'This is a unix virus.  It works on the honor system.                  
    Please  1)randomly delete some of your files                            
            2)attach this to the ends of your shell scripts(cat virus>>*.sh)
            3)mail it out to everyone you know begging them to run it;)'
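
Added example, not part of either post above: the symptom in this thread (a client that issues /bin/ls gets an empty listing although the guest's bin directory holds a link to ls) can be checked by resolving /bin/ls the way it resolves after chroot, where an absolute link target restarts at the jail root and ".." cannot climb above it. The function names and exit codes are this sketch's own, the guest root is passed as an argument, and shared libraries needed by ls are not checked.

```shell
#!/bin/sh
# Added example (not from the thread): what does /bin/ls resolve to once the
# guest's directory has become "/"? Exit codes are this script's own convention.

# jail_path ROOT PATH: host path that in-jail PATH names, with ".." clamped at
# ROOT the way chroot clamps it. Lexical only: symlinked directories are not expanded.
jail_path() {
    root=$1; out=
    old_ifs=$IFS; IFS=/
    set -f
    for part in $2; do
        case $part in
            ''|.) ;;
            ..)   out=${out%/*} ;;
            *)    out="$out/$part" ;;
        esac
    done
    set +f; IFS=$old_ifs
    printf '%s\n' "$root$out"
}

# check_jail_ls ROOT -> 0 usable, 1 missing or dangling, 2 link loop,
# 3 present but not a regular file with all execute bits set
check_jail_ls() {
    jail=${1%/}; p=/bin/ls; hops=0
    while [ -L "$(jail_path "$jail" "$p")" ]; do
        hops=$((hops + 1))
        [ "$hops" -gt 8 ] && return 2      # link ends up pointing at itself
        target=$(readlink "$(jail_path "$jail" "$p")")
        case $target in
            /*) p=$target ;;               # absolute: restarts at the jail root
            *)  p=${p%/*}/$target ;;       # relative to the link's directory
        esac
    done
    real=$(jail_path "$jail" "$p")
    [ -e "$real" ] || return 1
    [ -n "$(find "$real" -prune -type f -perm -111)" ] || return 3
    return 0
}

# Usage: sh check_jail.sh /ftp/<user>
if [ $# -eq 1 ]; then
    rc=0; check_jail_ls "$1" || rc=$?
    echo "in-jail /bin/ls status for $1: $rc"
fi
```

A status of 2 is what a link from the jail's bin/ls to the host's /bin/ls produces: inside the chroot the target is the link itself.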

 
 
 

1. WU-ftpd 2.6.1 - need some help!

Dear all,

Scenario: WU-ftpd 2.6.1 under Solaris 8 (01/01).

I already managed to create a chrooted environment for non-anonymous
users with WU-ftpd because Solaris ftpd only allows a similar functionality
using the sub-login feature (first you enter as 'anonymous' or 'ftp' and
then do a sublogin to another user... not that clean in my opinion).
The problem I have now is that it's not possible to upload a single
file!...
Please, take a look at the following FTP-session:

---
Connected to internal-ftp
220 internal-ftp FTP server (Version wu-2.6.1(1) Fri Apr 27 19:46:24
MEST 2001) ready.
Name (internal-ftp:martinm): ftpuser
331 Password required for ftpuser.
Password:
230 User ftpuser logged in.  Access restrictions apply.
ftp>
ftp> pwd
257 "/" is current directory.
ftp>
ftp> dir
200 PORT command successful.
150 Opening ASCII mode data connection for /bin/ls.
total 10
-r--------   1 0              0 May  3 14:38 .forward
-r--------   1 0              0 May  3 14:38 .rhosts
d--x--x--x   2 30000        512 May  3 14:36 bin
dr-xr-xr-x   2 30000        512 May  3 14:45 dev
d--x--x--x   2 30000        512 May  3 14:49 etc
drwxrwx-wt   2 30000        512 May  4 09:43 incoming
dr-xr-xr-x   3 30000        512 May  3 14:43 usr
226 Transfer complete.
374 bytes received in 0.0017 seconds (212.10 Kbytes/s)
ftp>
ftp> cd incoming
250 CWD command successful.
ftp>
ftp> lcd tmp
Local directory now /home/syst/martinm/tmp
ftp>
ftp> bin
200 Type set to I.
ftp> hash
Hash mark printing on (8192 bytes/hash mark).
ftp>
ftp> put testfile.zip
200 PORT command successful.
553 Could not determine pwdir: No such file or directory.
ftp>
---

Downloading files works fine.

Any ideas on what could be going on? Maybe I'm overlooking something
obvious...

Please, email or CC me your replies, as I cannot check the newsgroups
that often.

Thanks in advance!

Martin
