|
|
Sponsored Content
Operating Systems
Solaris
How to Jail ftp user
Post 302326632 by kumarmani on Thursday 18th of June 2009 10:16:51 AM
06-18-2009
How to Jail ftp user
Hi Gurus,
I am creating a user for ftp only on Solaris 10. However while testing I can see user can reach to root directory.
I followed following while creating the user
1 Created a shell in /usr/bin/ftponly as chmod a+x to ftponly
2 Placed the entry in /etc/shells
3 Created a user with home directory as /export/home/ftphome/./ftphome1/ and shell is assign as /usr/bin/ftponly
However the user can read the entire filesystem
Please help as what need to be done to jail the user to /export/home/ftphome/ only .
I am creating a user for ftp only on Solaris 10. However while testing I can see user can reach to root directory.
I followed following while creating the user
1 Created a shell in /usr/bin/ftponly as chmod a+x to ftponly
2 Placed the entry in /etc/shells
3 Created a user with home directory as /export/home/ftphome/./ftphome1/ and shell is assign as /usr/bin/ftponly
However the user can read the entire filesystem
Please help as what need to be done to jail the user to /export/home/ftphome/ only .
|
|
7 More Discussions You Might Find Interesting
1. Linux
I created a user
useradd -d /disk2/ftpfiles me
How would i beable to jail me so he could not move arround my file system? (4 Replies)
Discussion started by: byblyk
4 Replies
2. UNIX for Advanced & Expert Users
I'm trying to establish a jail on a FBSD 6.1 system and have a couple of questions on bringing up the daemon.
Under the jail man page there are two user flags that I am unclear on,
-u username The user name from host environment as whom the command
should run.
-U... (1 Reply)
Discussion started by: thumper
1 Replies
3. What is on Your Mind?
Enough of boring techie topics!! Vote on Paris Hilton and her jail time!! What do you think? (9 Replies)
Discussion started by: Neo
9 Replies
4. UNIX for Dummies Questions & Answers
I was reading an article on how it is very important to setup a chroot jail to run bind. I can follow what the article says but one thing I am unclear about is now on system boot the BIND process in the chroot jail will start since it the owner will no longer be root but some other user. Can... (1 Reply)
Discussion started by: mojoman
1 Replies
5. UNIX for Advanced & Expert Users
I have a developer that needs ssh access to a server to get to a specific directory. I want to restrict them to that directory. I've tried to set their shell as rksh which does jail them but only if they are using ssh from another unix system. If they are using putty or winscp they can still... (2 Replies)
Discussion started by: toor13
2 Replies
6. Cybersecurity
Hi all,
I want to jail a process in his folder, so he can't have any link with a parent folder.
Ex. If i'm a hacker, and I can upload my script & and I can start it, i'll could go to ../, /etc/passwd, etc..
So what I did is to chroot the process :
I copied all libraries used by the... (1 Reply)
Discussion started by: Deb.I.am
1 Replies
7. Cybersecurity
Hello people,
I'm creating a web game control panel, where people can manage their gameserver on a php made control panel.
But i have no idea how to create an jailed inviroment for the gameserver,
I've looked at possebilites for chroot, but i don't want the gameserver has any binaries of linux... (1 Reply)
Discussion started by: gm33
1 Replies
LEARN ABOUT LINUX
ftpconfig
ftpconfig(1M) System Administration Commands ftpconfig(1M) NAME
ftpconfig - set up anonymous FTP SYNOPSIS
ftpconfig [ftpdir] ftpconfig -d ftpdir DESCRIPTION
The ftpconfig script is executed by the super user to set up anonymous FTP. Anonymous FTP allows users to remotely log on to the FTP server by specifying the user name ftp or anonymous and the user's email address as password. The anonymous users are logged on to the FTP Server and given access to a restricted file area with its own file system root. See chroot(2). The FTP area has its own minimal system files. This command will copy and set up all the components needed to operate an anonymous FTP server, including creating the ftp user account, creating device nodes, copying /usr/lib files, and copying timezone data. The passwd and group files set up have been stripped down to prevent malicious users from finding login names on the server. The anonymous file area will be placed under ftpdir. If the ftp user account already exists, then the current FTP area is used, and the system files in it are updated. All other files are left untouched. This command should be run to update the anonymous FTP area's configuration whenever a system patch is installed, or the system is upgraded. OPTIONS
-d Create a new or update an existing ftpdir without creating or updating the ftp user account. Use this option when creating guest FTP user accounts. OPERANDS
The following operands are supported: ftpdir The absolute pathname of the directory under which the anonymous FTP area is set up. EXIT STATUS
The following exit values are returned: 0 Successful completion 1 Improper usage of the command 2 Command failed ATTRIBUTES
See attributes(5) for descriptions of the following attributes: +-----------------------------+-----------------------------+ | ATTRIBUTE TYPE | ATTRIBUTE VALUE | +-----------------------------+-----------------------------+ |Availability |SUNWftpu | +-----------------------------+-----------------------------+ |Interface Stability |Evolving | +-----------------------------+-----------------------------+ SEE ALSO
ftpaddhost(1M), in.ftpd(1M), useradd(1M), chroot(2), attributes(5) SunOS 5.10 1 May 2003 ftpconfig(1M)