Question about hidden files.
Im running Fedora Core 1 and my question is that when i logon thru the ftp
with WS_FTP i can see all the hidden files on the users directory instead of only the public_html and cgi-bin folder..why? |
what ftp server are you using?
propably its a configuration failure or you log in with your real username and therefore get to your home/username dir |
im using proftpd the latest
|
ok please post your proftpd config file
|
Here it is....just installed proftpd yesterday so i havent made any changed to it..thanks an advanced
# This is the ProFTPD configuration file # $Id: proftpd.conf,v 1.6 2003/09/24 10:51:11 dude Exp $ ServerName "ProFTPD server" ServerIdent on "FTP Server ready." ServerAdmin root@localhost ServerType standalone #ServerType inetd DefaultServer on AccessGrantMsg "User %u logged in." #DisplayConnect /etc/ftpissue #DisplayLogin /etc/ftpmotd #DisplayGoAway /etc/ftpgoaway DeferWelcome off # Use this to excude users from the chroot DefaultRoot ~ !adm # Use pam to authenticate by default AuthPAMAuthoritative on # Do not perform ident nor DNS lookups (hangs when the port is filtered) IdentLookups off UseReverseDNS off # Port 21 is the standard FTP port. Port 21 # Umask 022 is a good standard umask to prevent new dirs and files # from being group and world writable. Umask 022 # Default to show dot files in directory listings ListOptions "-a" # See Configuration.html for these (here are the default values) #MultilineRFC2228 off #RootLogin off #LoginPasswordPrompt on #MaxLoginAttempts 3 #MaxClientsPerHost none #AllowForeignAddress off # For FXP # Allow to resume not only the downloads but the uploads too AllowRetrieveRestart on AllowStoreRestart on # To prevent DoS attacks, set the maximum number of child processes # to 30. If you need to allow more than 30 concurrent connections # at once, simply increase this value. Note that this ONLY works # in standalone mode, in inetd mode you should use an inetd server # that allows you to limit maximum number of processes per service # (such as xinetd) MaxInstances 20 # Set the user and group that the server normally runs at. User nobody Group nobody # This is where we want to put the pid file ScoreboardFile /var/run/proftpd.score # Normally, we want users to do a few things. <Global> AllowOverwrite yes <Limit ALL SITE_CHMOD> AllowAll </Limit> </Global> # Define the log formats LogFormat default "%h %l %u %t \"%r\" %s %b" LogFormat auth "%v [%P] %h %t \"%r\" %s" # TLS # Explained at http://www.castaglia.org/proftpd/modules/mod_tls.html #TLSEngine on #TLSRequired on #TLSRSACertificateFile /usr/share/ssl/certs/proftpd.pem #TLSRSACertificateKeyFile /usr/share/ssl/certs/proftpd.pem #TLSCipherSuite ALL:!ADH:!DES #TLSOptions NoCertRequest #TLSVerifyClient off ##TLSRenegotiate ctrl 3600 data 512000 required off timeout 300 #TLSLog /var/log/proftpd/tls.log # A basic anonymous configuration, with an upload directory. #<Anonymous ~ftp> # User ftp # Group ftp # AccessGrantMsg "Anonymous login ok, restrictions apply." # # # We want clients to be able to login with "anonymous" as well as "ftp" # UserAlias anonymous ftp # # # Limit the maximum number of anonymous logins # MaxClients 10 "Sorry, max %m users -- try again later" # # # Put the user into /pub right after login # #DefaultChdir /pub # # # We want 'welcome.msg' displayed at login, '.message' displayed in # # each newly chdired directory and tell users to read README* files. # DisplayLogin /welcome.msg # DisplayFirstChdir .message # DisplayReadme README* # # # Some more cosmetic and not vital stuff # DirFakeUser on ftpadm # DirFakeGroup on ftpadm # # # Limit WRITE everywhere in the anonymous chroot # <Limit WRITE SITE_CHMOD> # DenyAll # </Limit> # # # An upload directory that allows storing files but not retrieving # # or creating directories. # <Directory uploads/*> # AllowOverwrite no # <Limit READ> # DenyAll # </Limit> # # <Limit STOR> # AllowAll # </Limit> # </Directory> # # # Don't write anonymous accesses to the system wtmp file (good idea!) # WtmpLog off # # # Logging for the anonymous transfers # ExtendedLog /var/log/proftpd/access.log WRITE,READ default # ExtendedLog /var/log/proftpd/auth.log AUTH auth # #</Anonymous> |
That is because your ftp client is configured to show you the hidden files.
;) |
okk...then how can i make proftpd to go to /home/user/public_html instead /home/user when i logon ?
|
Easy my friend, this is an proftpd.conf example:
##################begin############ ServerName "My server" ServerType standalone DeferWelcome off ServerIdent off MultilineRFC2228 on DefaultServer on ShowSymlinks on AllowOverwrite on DefaultRoot ~/ TimeoutNoTransfer 600 TimeoutStalled 600 TimeoutIdle 1200 DisplayLogin ftp.msg DisplayFirstChdir .message DenyFilter \*.*/ AccessDenyMsg "Tu username y password han sido incorrecto." # Uncomment this if you are using NIS or LDAP to retrieve passwords: #PersistentPasswd off # Port 21 is the standard FTP port. Port 21 # To prevent DoS attacks, set the maximum number of child processes # to 30. If you need to allow more than 30 concurrent connections # at once, simply increase this value. Note that this ONLY works # in standalone mode, in inetd mode you should use an inetd server # that allows you to limit maximum number of processes per service # (such as xinetd) MaxInstances 50 # Set the user and group that the server normally runs at User root Group root # Normally, we want files to be overwriteable. <Directory /*> # Umask 022 is a good standard umask to prevent new files and dirs # (second parm) from being group and world writable. Umask 022 022 AllowOverwrite on </Directory> ########################end ############### The line: DefaultRoot ~/ It make the users go only to their home dirs. Best Regards. |
Code:
# Use this to excude users from the chroot |
hihi havent configured proftpd ? thats bad :=) but i think its done now right? or are there still questions from your side?
|
I did this to jail the users on the /home/user/public_html
instead of /home/user # Use this to excude users from the chroot DefaultRoot ~ !adm <---i change this to DefaultRoot ~/public_html !adm Is this the correct way of doing this ? FYI: Im running proftpd 1.2.9-4 |
All times are GMT -5. The time now is 05:36 PM. |