hosted by liquidweb


Go Back   Web Hosting Talk : Web Hosting Main Forums : Hosting Security and Technology : FTP Restriction
Reply

Hosting Security and Technology Configuring and optimizing web hosting servers and operating systems, developing administration scripts, building servers, protecting against hackers, and general security (SSL certificates, etc.)
Forum Jump

FTP Restriction

Reply Post New Thread In Hosting Security and Technology Subscription
 
Send news tip View All Posts Thread Tools Search this Thread Display Modes
  #1  
Old 06-25-2005, 08:41 PM
Sillysoft Sillysoft is offline
Web Hosting Guru
  
Join Date: Nov 2004
Posts: 257
*

FTP Restriction

Running Fedora Core 2 with vsftp. Basically what Im trying to accomplish is when a user logs into ftp it currently goes directly to their home folder. What I dont want is them being able to go back one folder to the root of home and access the other account folders. How can I accomplish this?

Thanks
Silly

__________________
Minor League Football Scout

Reply With Quote


Sponsored Links
  #2  
Old 06-25-2005, 09:06 PM
gilbert gilbert is offline
Web Hosting Master
  
Join Date: Jun 2003
Location: United States of America
Posts: 1,831
this topic looks interestings, im gonna subscrube to see if any one post back

__________________
Play Flash Games | Upload Images

Reply With Quote
  #3  
Old 06-25-2005, 09:44 PM
jamesyeeoc jamesyeeoc is offline
Junior Guru
  
Join Date: Dec 2003
Location: Sunny So. Calif.
Posts: 204
Per vsftp's config docs, have you tried:

chroot_local_user
If set to YES, local users will be (by default) placed in a chroot() jail in their home directory after login. Warning: This option has security implications, especially if the users have upload permission, or shell access. Only enable if you know what you are doing. Note that these security implications are not vsftpd specific. They apply to all FTP daemons which offer to put local users in chroot() jails.

Default: NO

passwd_chroot_enable
If enabled, along with chroot_local_user , then a chroot() jail location may be specified on a per-user basis. Each user's jail is derived from their home directory string in /etc/passwd. The occurrence of /./ in the home directory string denotes that the jail is at that particular location in the path.

Default: NO

Docs can be found at:

http://vsftpd.beasts.org/vsftpd_conf.html

Reply With Quote
Sponsored Links
  #4  
Old 06-25-2005, 11:21 PM
Scott.Mc Scott.Mc is offline
Engineer
  
Join Date: Jan 2005
Location: Scotland, UK
Posts: 2,380
`man chmod`
mainly 770

__________________
Server Management - AdminGeekZ.com
Infrastructure Management, Web Application Performance, mySQL DBA. Keep your servers online.
United Kingdom: *0800 8620073* // United States: *585 563 1729* // Australia: *02 9037 2448* // International: *+44.1412800134*
Scott Mcintyre

Reply With Quote
  #5  
Old 06-26-2005, 11:56 AM
Sillysoft Sillysoft is offline
Web Hosting Guru
  
Join Date: Nov 2004
Posts: 257
Quote:
Originally posted by jamesyeeoc
Per vsftp's config docs, have you tried:

chroot_local_user
If set to YES, local users will be (by default) placed in a chroot() jail in their home directory after login. Warning: This option has security implications, especially if the users have upload permission, or shell access. Only enable if you know what you are doing. Note that these security implications are not vsftpd specific. They apply to all FTP daemons which offer to put local users in chroot() jails.

Default: NO

passwd_chroot_enable
If enabled, along with chroot_local_user , then a chroot() jail location may be specified on a per-user basis. Each user's jail is derived from their home directory string in /etc/passwd. The occurrence of /./ in the home directory string denotes that the jail is at that particular location in the path.

Default: NO

Docs can be found at:

http://vsftpd.beasts.org/vsftpd_conf.html
Sweet! That worked. Thank you very much. Basically I did this:

1. chroot_local_user=YES
2. passwd_chroot_enable=YES
3. Added username to vsftpd.chroot_list

Now when I ftp with my account all I see is the directory under my home folder.

The only sucky part is I have to manually add all ftp accounts to the list. But at least this does what I need it to do. Thanks again!

Silly

__________________
Minor League Football Scout

Reply With Quote
Reply

Related posts from TheWhir.com
Title Type Date Posted
American Web Hosts Help Shut Down Websites Following Syrian Internet Outage Web Hosting News 2012-11-30 11:34:58
CyrusOne Server Containment Units Boost Cooling Efficiency, Security, Privacy Web Hosting News 2012-09-18 15:49:19
Radio Free Asia Deploys Private Clouds with OpenStack from Cloud Provider Piston Web Hosting News 2012-04-10 15:18:03
Q&A: Microsoft’s Steve Martin Discusses Upcoming Changes to Volume Licensing Web Hosting News 2011-06-27 21:07:47


« Previous Thread | Next Thread »
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Linear Mode Linear Mode
Postbit Selector

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Forum Jump
Login:
Log in with your username and password
Username:
Password:



Forgot Password?
Advertisement:
Web Hosting News:

cPanel Addresses User Concerns of Transfer and Backup Restore System Security

US Attorney says Government Should Have Warrants to Search Email

8kMiles Acquires Cloud Security Firm FuGen Solutions for $7.5 Million

Name.com Resets Customer Passwords After Security Breach

Outbound Spam Causing Sleepless Nights?

Malwarebytes Launches Data Scan-and-Backup Service

Commtouch Report: Spam, Malware Continues to Increase in Q1 2013

Researchers Urge System Admins to Check for New Apache Web Server Backdoor Malware

APWG Study Finds Phishers Increasingly Target Shared Virtual Servers

Man Arrested in Connection to Spamhaus DDoS Attacks



 

Learn more about advertising opportunities across the iNET Interactive Network.

LiquidWeb
X

Welcome to WebHostingTalk.com

Create your username to jump into the discussion!

WebHostingTalk.com is the largest, most influentual web hosting community on the Internet. Join us by filling in the form below.


(4 digit year)

Already a member?