LinuxQuestions.org
Visit Jeremy's Blog.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
Reload this Page Full FTP Access - Oh No
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 03-12-2004, 09:49 AM   #1
Lucasite
LQ Newbie
 
Registered: Mar 2004
Location: United Kingdom
Posts: 21

Rep: Reputation: 15
Full FTP Access - Oh No

Hi everyone,

complete newbie here. need help. Have installed RH9. running vsftpd, and i created a user called ftpsecure. set that in the vsftpd.conf file.

however when i go in to ftp, i can type in ls /etc and see everything. infact i can see almost everything on the drive.dont know if i can write to other directories or not, but sure its a security risk. especially being able to view a passwd file.

when i created the user, it assigned in the passwd file as 501.

how do i set it so that this inparticular user can only see /var/ftp, and cannot view anything else

also, you know when you login to some website, you have to enter login details, and then its connects securely, can apache be setup to do that. is there an option somewhere that i can turn on, to make my webpage secure?

finally, the same goes for ftp. how do i get it to prompt the user for login details, and where do i specify which users have access or not?

any response gratefully appreciated.
 
Old 03-12-2004, 11:25 AM   #2
trickykid
LQ Guru
 
Registered: Jan 2001
Posts: 24,149

Rep: Reputation: 269Reputation: 269Reputation: 269
Your looking for chroot.

man chroot for more details if you want to jail users to a particular directory with subdirectories.
 
Old 03-12-2004, 11:27 AM   #3
markus1982
Senior Member
 
Registered: Aug 2002
Location: Stuttgart (Germany)
Distribution: Debian/GNU Linux
Posts: 1,467

Rep: Reputation: 46
Take a look at http://www.linux-corner.net/linux/services/ftp.html since it contains everything you want.
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Ftp(through web site access to ftp server) kelper Linux - Software 4 07-03-2015 05:14 PM
vsftp - Can access FTP within office network BUT cant access via Internet! kokfei77 Red Hat 2 03-07-2012 07:24 PM
I want full access fannymites Linux - Security 24 12-07-2004 07:59 AM
I lose ftp access when I disable shell access for user captainObvious Linux - General 3 11-13-2004 05:49 PM
ftp: write failed, filesystem is full kpachopoulos Linux - General 1 10-22-2004 02:21 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 11:30 AM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration