Allowing user access to one directory only

aje · 05-18-2005, 10:44 PM

How can I create an account (let's call the account "guest") that only has access to a single folder? I have just set up an ftp server, and I want to be able to give certain people a password so they can log in via ftp://guest: passwd@hostname.domain.org. I have created the account, and accessed ftp with firefox (crude, I know, but most of my friends are basic windows users). This took me to the home folder for guest, but when I clicked on "up to higher directory" I realized that I could browse almost all of my filesystem. This is obviously not very secure ... even if only trusted friends had access to the account.

How can I restrict the guest acces to a single folder?

edit: auto smileys

wpyh · 05-18-2005, 11:01 PM

What ftp server are you using?

edit: I can't reproduce it here with vsftpd.

Dr. Psy · 05-19-2005, 01:51 PM

If you are using proftpd, just add

DefaultRoot ~

to your /etc/proftpd.conf file, in the global section

aje · 05-19-2005, 07:45 PM

I followed shilo's slackware guide in setting up FTP, and according to the line I uncommented in /etc/inetd.conf, it looks like I'm using proftpd.

I cannot find the global section ih proftpd.conf

gbonvehi · 05-19-2005, 08:09 PM

The global section is when you're outside a section delimited with some tag like <Directory> </Directory>.
A easy way, just add a line at the end of the file with DefaultRoot ~

aje · 05-25-2005, 08:12 PM

Thank you. But does this mean all users can only access their home directory when using ftp?