LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 01-27-2007, 10:39 AM   #1
srinivasmrao
LQ Newbie
 
Registered: Jan 2007
Posts: 2

Rep: Reputation: 0
Making Ftp Folders Invisible


Hi,

We are using Redhat linux 4.0 enterprise edition and we have configured VSFTPD for ftp. I have created 10 user accounts to 10clients. Now I have query about making folders invisible.

one my of myclient using third party ftp tool for accessing his account after logging in he clicked on back then he was able to see entire other client folders but not accessable. As a confidentiality norm we can not make visible other clients folders. Please help me out inthis regard how to make other clinets folders to logged client.

Please Please.

Regards

Srinivas

Last edited by srinivasmrao; 01-27-2007 at 10:40 AM.
 
Old 01-27-2007, 11:00 AM   #2
JimBass
Senior Member
 
Registered: Oct 2003
Location: New York City
Distribution: Debian Sid 2.6.32
Posts: 2,100

Rep: Reputation: 49
Make sure in the vsftpd.conf file that these lines are uncommented -
Code:
chroot_local_user=YES
local_enable=YES
Then set each user so that their home directory is the same directory that they can ftp into.

They can hit back, cd /, or any other string of commands, it won't let them see beyond their individual "area".

Peace,
JimBass
 
Old 01-27-2007, 11:00 AM   #3
MensaWater
LQ Guru
 
Registered: May 2005
Location: Atlanta Georgia USA
Distribution: Redhat (RHEL), CentOS, Fedora, CoreOS, Debian, FreeBSD, HP-UX, Solaris, SCO
Posts: 7,831
Blog Entries: 15

Rep: Reputation: 1669Reputation: 1669Reputation: 1669Reputation: 1669Reputation: 1669Reputation: 1669Reputation: 1669Reputation: 1669Reputation: 1669Reputation: 1669Reputation: 1669
For each ftp user set it up as chroot to their specific directory. This means that whenever they login they will see their specific directory as if it were "/" even if it is really something like /home/ftpuser1. Because it is / they can never go up a directory (e.g. to /home).

This is something you would want to do for ANY ftp directory anyway since ftp itself is not very secure at all. We have several in house ftp directories used for transferring specific files. Even though they are internal we set them up as chroot.

For the chroot directory you'd have to add an etc and bin and possibly other subdirectories because that user won't have access to the existing /etc, /bin et al for the same reason as they won't have access to the full /home.

There are tutorials on setting this up. Do a Google search for ftp chroot.

By the way some people don't even allow commands like ls to work. If you know the file is there you can get it by typing in the name because you knew what it was. This also applies to subdirectories of the chroot directory. The user can cd to the subdirectory but has to know it is there. I've never gone quite that far so I'm not sure how it gets configured but I've been on plenty of ftp sites that do so I know it can be done.
 
Old 01-29-2007, 01:44 AM   #4
srinivasmrao
LQ Newbie
 
Registered: Jan 2007
Posts: 2

Original Poster
Rep: Reputation: 0
Thanks Jim

Thanks Jim. It's working.

Regards

Srinivas

Quote:
Originally Posted by JimBass
Make sure in the vsftpd.conf file that these lines are uncommented -
Code:
chroot_local_user=YES
local_enable=YES
Then set each user so that their home directory is the same directory that they can ftp into.

They can hit back, cd /, or any other string of commands, it won't let them see beyond their individual "area".

Peace,
JimBass
 
Old 01-29-2007, 01:47 AM   #5
JimBass
Senior Member
 
Registered: Oct 2003
Location: New York City
Distribution: Debian Sid 2.6.32
Posts: 2,100

Rep: Reputation: 49
Glad it worked out for you. Enjoy!

Peace,
JimBass
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Mounted hard drive's files/folders are invisible when created jay_rod101 Linux - Newbie 6 06-16-2006 01:57 AM
making ftp system folders invisible in wu-ftpd PeaceTank Linux - Software 0 12-10-2004 09:22 AM
Making Linux invisible to MS with Samba Vincent_Vega Linux - Networking 5 01-23-2004 12:11 AM
invisible folders dejan_j Linux - General 3 06-20-2003 06:40 PM
invisible folders dejan_j Linux - Software 3 06-18-2003 02:39 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 04:52 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration