Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: ftp security
Operating Systems HP-UX ftp security Post 54508 by Perderabo on Tuesday 17th of August 2004 06:07:17 AM
Old 08-17-2004
HP's ftpd is based on wuftpd. It supports chroot which can lock a user into a directory. See "man ftpaccess".

We have switched to PureFTP which has great security features. It's available ready to install from the HP-UX freeware sites.
 

2 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

ftp security

I have written a number of ftp scripts to put/get files between unix and other systems. My scripts only ftp to servers inside of our firewall. However, I have heard of risks involved with using the typical ftp automation techniques if one goes into unsecure areas with thier ftp processes. ... (8 Replies)
Discussion started by: thekid
8 Replies

2. AIX

Unix security -- FTP service????

I would like to ask for you suggestions or comments see if you can help. Since system auditing is under progress and the AIX is the main investigated unit. They are asking to disable the FTP service to enhance the security but I doubt. For daily use, the FTP will help administrator to download... (1 Reply)
Discussion started by: shanemcmahon
1 Replies

LEARN ABOUT DEBIAN

ftpd_selinux

ftpd_selinux(8) 					 ftpd SELinux policy documentation					   ftpd_selinux(8)

NAME

       ftpd_selinux - Security-Enhanced Linux policy for ftp daemons.

DESCRIPTION

       Security-Enhanced Linux provides security for ftp daemons via flexible mandatory access control.

FILE_CONTEXTS
       SELinux requires files to have a file type. File types may be specified with semanage and are restored with restorecon.	Policy governs the
       access that daemons have to files.

       Allow ftp servers to read the /var/ftp directory by adding the public_content_t file type to the directory and by restoring the file type.

       semanage fcontext -a -t public_content_t "/var/ftp(/.*)?"

       restorecon -F -R -v /var/ftp

       Allow ftp servers to read and write /var/tmp/incoming by adding the public_content_rw_t type to the directory and  by  restoring  the  file
       type.  This also requires the allow_ftpd_anon_write boolean to be set.

       semanage fcontext -a -t public_content_rw_t "/var/ftp/incoming(/.*)?"

       restorecon -F -R -v /var/ftp/incoming

BOOLEANS

       SELinux policy is based on least privilege required and may also be customizable by setting a boolean with setsebool.

       Allow ftp servers to read and write files with the public_content_rw_t file type.

       setsebool -P allow_ftpd_anon_write on

       Allow ftp servers to read or write files in the user home directories.

       setsebool -P ftp_home_dir on

       Allow ftp servers to read or write all files on the system.

       setsebool -P allow_ftpd_full_access on

       Allow ftp servers to use cifs for public file transfer services.

       setsebool -P allow_ftpd_use_cifs on

       Allow ftp servers to use nfs for public file transfer services.

       setsebool -P allow_ftpd_use_nfs on

       system-config-selinux is a GUI tool available to customize SELinux policy settings.

AUTHOR

       This manual page was written by Dan Walsh <dwalsh@redhat.com>.

SEE ALSO

       selinux(8), ftpd(8), setsebool(8), semanage(8), restorecon(8)

dwalsh@redhat.com						    17 Jan 2005 						   ftpd_selinux(8)
All times are GMT -4. The time now is 03:41 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy