I've created a new group and a new user called dftp... Now I wanna do one thing... If 'dftp' connects thru ftp he should be directed to a particular location... and he shouldn't be able to see other folder except for his own including the parent folder that contains that location...
To achieve the first task... I changed dftp's home folder to the location I want... However while connecting thru ftp... user dftp has been given permissions to see other folders and check out the contents of the other folders.. What should I do???
Scheduled Maintenance: We are aware of an issue with Google, AOL, and Yahoo services as email providers which are blocking new registrations. We are trying to fix the issue and we have several internal and external support tickets in process to resolve the issue. Please see: viewtopic.php?t=158230
file permissions..specific scenario help???
-
thewanderer
- Posts: 416
- Joined: 2007-03-19 18:11
- Location: my desk, Warsaw, Poland
Re: file permissions..specific scenario help???
You should set your FTP server so that it restricts the user to their home directory only. The instructions will vary depending on your FTP server. What in particular are you using?
[url=irc://irc.freenode.net/debian]Find me on #debian at irc.freenode.net[/url] | Linux permission HOWTO | Shorewall firewall | Virtual web hosting
Re: file permissions..specific scenario help???
I've installed pureftp since wikipedia said it has a graphical user interface... I haven't found the GUI yet
Re: file permissions..specific scenario help???
This is controlled on the host by the configuration of the FTP daemon. The particular configuration settings are dependent upon which FTP daemon you are using but is to my knowledge always controlled by a file in the /etc directory (/etc/proftpd, /etc/ftpaccess.ctl, /etc/pure-ftpd.conf, etc).
The proftpd configuration file uses an XML-like syntax and you can control access to directories with entries such as:
One would restrict users of ftpd with /etc/ftpaccess.ctl settings such as:
And though I've never used it, Pure-ftpd appears to offer the easiest solution: you just include a "-A" option when starting the daemon and all users are restricted to their home directories.
The proftpd configuration file uses an XML-like syntax and you can control access to directories with entries such as:
Code: Select all
<Directory /home/ftp-user>
<Limit WRITE>
DenyAll
</Limit>
</Directory>
Code: Select all
readonly: /home/ftp-user
readwrite: NONE
Debugging is twice as hard as writing the code in the first place. Therefore, if you write the code as cleverly as possible, you are, by definition, not smart enough to debug it. -- Brian Kernighan
Re: file permissions..specific scenario help???
You need an ftp server supporting "chroot" option. Looks like pure-ftpd can use that.
Code: Select all
apt-cache show pure-ftpd
.....
Free, secure, production-quality and standard-conformant FTP server.
Features include chrooted home directories,
.....
Compressed Air Energy Storage, Entropy and Efficiency
http://saurorja.org/2012/06/18/compress ... fficiency/
http://saurorja.org/2012/06/18/compress ... fficiency/