Hi all,
Thank you for numerous helpful responses.
My question was about the ways of setting-up ftp-daemon to restrict
directory access for all incoming ftp-accounts (not only to the
anonymous/ftp account: description how to restrict anonymous account are
well described in the man page for ftpd and in several books).
Your answers are pointing to the two solutions:
1) wu-ftpd: downloadable from
ftp://ftp.academ.com/pub/wu-ftpd/private/wu-ftpd-2.4.2-beta-18.tar.Z
2) ncfpd: http://www.ncftp.com
This is commercial-ware.
I will try my luck (today) with wu-ftpd.
Predrag Stojkov
--------------------------------------------------------------------
Date: 08 Aug 98 14:34:59
From:"predrag stojkov" <pls@uwin.net>
To:<sun-managers@sunmanagers.ececs.uc.edu>
Subject:Restricting directory access in ftp?
Hi all,
Is there some way to restrict to what directories the incoming ftp
connections can access? For example, I would like to have all incoming ftp
connections to have access to /samples directory (and its subdirectories),
but not to the other parts of directory tree.
I've tried to find solution in several locations, like:
1) /etc/inetd.conf allows similar restriction for tftp but not for ftp,
2) inetd.conf manual pages do not help either,
3) searching internet for similar info,
4) couple of sysadmin books (red book, aeleen frisch's book),
but have nowhere found solution/hint for this problem.
Any suggestions/ideas are appreciated. Thanks,
Predrag Stojkov
--------------------------------------------------------------------
From: Chad Price <cprice@molbio.unmc.edu>
wu ftpd:
Get it at http://wuarchive.wustl.edu
CHad
--------------------------------------------------------------------
From: Alan Orndorff <dwarf@ix.netcom.com>
pick up a book on anonymous ftp. or search the online answerbook for
how to setup anonymous ftp services.
--------------------------------------------------------------------
From: Benjamin Cline <benji@hnt.com>
You need a smarter ftpd, like ncfpd (http://www.ncftp.com) or wu-ftpd
(ftp://ftp.academ.com).
benji
--------------------------------------------------------------------
From: "David Evans" <DJEVANS@au.oracle.com>
Predrag,
Use wu-ftp from Washington University.
Regards,
David Evans
--------------------------------------------------------------------
From: "Steve Kay" <steve@peachy.com>
Installing wu-ftpd instead of Sun's version is a breeze and it includes lots
of extra features, including this "chrooting" facility.
Steve
--------------------------------------------------------------------
From: Sean Quaint <squaint@cac.net>
read the man page for ftpd. There are instructions on setting up an anonymous
ftp server. Essentially you create an /export/home/ftp directory and give the
user a /bin/false shell (must be listed in /etc/shells) and put a mini-root
dir structure in the ~ftp. If you want more security than that check out
wu-ftpd.
Sean
--------------------------------------------------------------------
From: Kevin Ying <kevin@ns1.interq.or.jp>
Try a commercial FTPD: http://www.ncftp.com/ncftpd
--------------------------------------------------------------------
From: "Robert G. Ferrell" <rferrell@usgs.gov>
You need to get and install WU-FTP to do this:
ftp://ftp.academ.com/pub/wu-ftpd/private/wu-ftpd-2.4.2-beta-18.tar.Z
RGF
--------------------------------------------------------------------
From: Rik Schneider <rik@netasset.com>
For anonymous connections the root of the ftp tree is set in /etc/passwd.
For user account connections you need to use something like WU-ftpd as
your ftp deamon to provide a chrooted environment for ftp.
The man page for ftpd provides more information on setting up an anonymous
environment. For more information about wu-ftpd see
http://www.cetis.hvu.nl/~koos/wu-ftpd-faq.html
--------------------------------------------------------------------
From: Karl Vogel <vogelke@c17mis.region2.wpafb.af.mil>
Check the "ftpd" man entry.
--------------------------------------------------------------------
From: foster@bial1.ucsd.edu <foster@bial1.ucsd.edu>
I think you'll need wu-ftp for this sort of thing.
http://www.wildheart.org/wu-ftpd/wuftpd.shtml
Dave
--------------------------------------------------------------------
From: Jason Ledbetter <jason@colltech.com>
You can do this in the wuftpd's configuration file....
--------------------------------------------------------------------
From: Bob Jackiewicz 312.986.3418 <chds673@BOTCC.COM>
Search via www.yahoo.com for wu-ftpd .
--------------------------------------------------------------------
From: Michael Cook <mcook@uswest.com>
wu-ftpd - put users with restricted access in a guestgroup & set up the
directory like anonymous ftp - have to read the docs (tons) - but it works
well.
--------------------------------------------------------------------
From: Peter L. Wargo <plw@ncgr.org>
wu-ftpd is the answer.
--------------------------------------------------------------------
This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:12:49 CDT