Re: tlug: Fine control over ftp

[Chris Sekiya <chris@example.com>]

On Wed, 30 Sep 1998, Darren Cook wrote:

> I've a user who has to be able to able to ftp into two directories and
> download data files. I don't want him to be able to see anything else.

Hmmmm.  You should be able to chroot him.  The later betas of wu-ftpd are
pretty flexible.

> Also, in war-ftp the ftp users are seperate from the NT user accounts,
> which might be a pain on a large network but is ideal in situations like
> this.

I did something like this to wu-ftpd a couple of years ago.  userid and
password would be authenticated via radius, user would be plopped into an
arbitrary directory.  The changes were not extensive.

> I don't want the user to have an email account or telnet access (even
> to his two directories). I tried setting his shell to "/bin/false", but
> that stopped both ftp and telnet :-(.

Add /bin/false to /etc/shells.

Untrusted user?

-- Chris

---------------------------------------------------------------
Next Meeting: 10 October, 12:30 Tokyo Station Yaesu central gate
Featuring the IMASY Eng. Team on "IPv6 - The Next Generation IP"
Next Nomikai: 20 November, 19:30  Tengu TokyoEkiMae 03-3275-3691
---------------------------------------------------------------
Sponsor: PHT, makers of TurboLinux http://www.pht.co.jp