Re: [Sheflug] proftp

["Mark Broadbent" <nospam [at] sheffield.ac.uk>]

Hi,

> im using SuSE 6.2 use proftp to allow students at our college to
> upload there files to the web server.
> Does anyone know how to configure proftp or know of another ftp
> daemon that prevents users from going outside there home directory.

Using ws-ftpd (should be similar with proftp) you can tell the daemon to chroot to a directory before it starts.  Where the daemon is started (either startup scripts ot /etc/inet.conf) add a -r switch with the name of the directory after

e.g.

ftpd -r /home ...<more options>

Where /home is the directory that contains all the users home directories.

This will stop them looking at the rest of the directory structure.  For the users directories set the directory permissions as 701 and set the 'public_html' directory inside to 755.  This should keep the webserver working and should stop people looking at the files.

e.g.

/home/bob
Set permissions to 701 by chmod 701 /home/bob
/home/bob/public_html
Set permissions to 755 to allow the webserver to read the files inside

The only drawback is that another user can look into bob's public_html directory but then again that can be done through the webserver. ;)

Cheers
Mark



---------------------------------------------------------------------
Sheffield Linux User's Group - http://www.sheflug.co.uk
To unsubscribe from this list send mail to
- <sheflug-request [at] vuw.ac.nz> - with the word 
 "unsubscribe" in the body of the message. 

  GNU the choice of a complete generation.