[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Sheflug] proftp
>>>>> "Mark" == Mark Broadbent <coa97mgb [at] sheffield.ac.uk> writes:
Mark> Using ws-ftpd (should be similar with proftp) you can tell
Mark> the daemon to chroot to a directory before it starts. Where
Mark> the daemon is started (either startup scripts ot
Mark> /etc/inet.conf) add a -r switch with the name of the
Mark> directory after
This may not be a great idea, since the user won't have access to tar,
gzip, ls (!), chmod, and all those other good things that ftpd invokes
external programs to do. This isn't terribly unreasonable for a large
anon server (you just create a /bin directory with copies of the
necessary binaries), but for individual users it would be a bit daft.
In general configuring ftp servers to do security as you want it done
is rather difficult.
--
University of Tsukuba Tennodai 1-1-1 Tsukuba 305-8573 JAPAN
Institute of Policy and Planning Sciences Tel/fax: +81 (298) 53-5091
_________________ _________________ _________________ _________________
What are those straight lines for? "XEmacs rules."
---------------------------------------------------------------------
Sheffield Linux User's Group - http://www.sheflug.co.uk
To unsubscribe from this list send mail to
- <sheflug-request [at] vuw.ac.nz> - with the word
"unsubscribe" in the body of the message.
GNU the choice of a complete generation.