FTP Question

foresthillian · #1 (**permalink**) 12-24-2004

When a user FTP's to their own directory, they can go up the directory and view others files, of course they can not overwrite them but are able to download them if they wish to, is there any way to stop them from view their files and have them be only able to view files that they have permissions to view??

zazzybob · #2 (**permalink**) 12-25-2004

It all depends on the particular FTP server you're using, but you can chroot the user to their own home directory.

If you require further information, please post details on the particular FTP server you're using.

Cheers
ZB

foresthillian · #3 (**permalink**) 12-27-2004

One of our servers:
BSDI BSD/OS 4.2 Kernel #0:

Most of our users use WSFTP Pro or le, or Cute FTP

Does this help?

Do I just do a chroot <username> dir ?

zazzybob · #4 (**permalink**) 12-28-2004

I think you're talking about the FTP client here, not the server.

On the server, do something like ps -ef (or ps aux) and pipe to grep ftpd - for example on one of my linux systems I see that vsftpd is running. Then from the manual page for vsftpd.conf you'll see

Quote:

chroot_list_enable
If activated, you may provide a list of local users who are placed in a chroot() jail in their home directory upon login. The meaning is slightly different if chroot_local_user is set to YES. In this case, the list becomes a list of users which are NOT to be placed in a chroot() jail. By default, the file containing this list is /etc/vsftpd.chroot_list, but you may override this with the chroot_list_file setting.

Default: NO

As I say, it's dependent on the FTP server in use - not the client.

Cheers
ZB

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search
Display Modes	Rate This Thread
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode	Rate This Thread: