|
FTP permission Question
I have a need to allow a specific user to access my ftp server and ONLY upload files to a pre-determined directory. I am running RH7.3 and am familiar with the various /etc/ftp.* files. I am not running anon-ftp and don't want to. What I can't figure out how to do is to allow the user to login, upload file(s), and exit only. I don't want the user to be able to do anything else... no 'ls', no 'cd', etc. I've found the basics for restricting creation of and deleting directories, files, etc... but not for restricting other commands. How do I restrict 'ls' and 'cd'... or better, how do I allow ONLY login, upload of file(s), and exit?
|
meant to include that I am using proftpd
|
chmod -r /path/to/upload/directory
Ok, here's how I'd do it... First, make a DefaultRoot in your profptd.conf file. This will restrict the user to that as their / (root) directory. From there I'd change permissions to only allow execute and write, remove read: chmod -R 333 /home/ftp (assuming your DefaultRoot is set to /home/ftp) With that, I believe the user would only have execute (meaning be able to enter the directory) and write (meaning upload files) but not read (cannot ls). Now, assuming they are doing this via some sort of command line ftp program, you'll also want to either give them a restricted shell or look into other options incase they try to ssh (I use rbash). HTH Cool |
| All times are GMT -5. The time now is 03:42 PM. |