vsftpd - restrict access to system directories (/etc, /bin, /opt)
Hi!
There is user's home folder that should be accessed with ftp (/home/username) BUT I want to acces an share folder (everyone can share files) like /home/share. Moreover I do not want for that users to access the system directories. If I jail the user in his home it cannot access /etc, it can access his own home folder BUT cannot access /home/share (If I create ln -s /home/share /home/username/share it will fail changing into that dir). If I do not jail the user in his home it can access /etc (which is bad) and, of course, it can access /home/username and /home/share. At the 1st situation I can mount --bind /home/share /home/username (in fstab to be available on boot) BUT it doesn't seems to be a modern solution. Please help! Ty |
Hi,
Quote:
Regards |
hide_file={/bin*,/boot*,/dev*,/etc*,/lib*,/lib64*,/media*,/misc*,/mnt*,/net*,/opt*,/proc*,/sbin*,/selinux*,/srv*,/tmp*,/usr*,/var*}
deny_file={/bin*,/boot*,/dev*,/etc*,/lib*,/lib64*,/media*,/misc*,/mnt*,/net*,/opt*,/proc*,/sbin*,/selinux*,/srv*,/tmp*,/usr*,/var*} Zå solution! |
Quote:
|
in this case the ftp user see the directories in the /home but cannot acces them because they are (default) with no right for others.
Is identically with cd /home/anotherUser in bash, it will give an error |
anyway, is a solution and I think it has no security flaws...
|
All times are GMT -5. The time now is 10:23 AM. |