Full FTP Access - Oh No
Hi everyone,
complete newbie here. need help. Have installed RH9. running vsftpd, and i created a user called ftpsecure. set that in the vsftpd.conf file.
however when i go in to ftp, i can type in ls /etc and see everything. infact i can see almost everything on the drive.dont know if i can write to other directories or not, but sure its a security risk. especially being able to view a passwd file.
when i created the user, it assigned in the passwd file as 501.
how do i set it so that this inparticular user can only see /var/ftp, and cannot view anything else
also, you know when you login to some website, you have to enter login details, and then its connects securely, can apache be setup to do that. is there an option somewhere that i can turn on, to make my webpage secure?
finally, the same goes for ftp. how do i get it to prompt the user for login details, and where do i specify which users have access or not?
any response gratefully appreciated.
|