From owner-freebsd-questions  Sun Feb 16 13:54:27 2003
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id F0A9E37B401
	for <freebsd-questions@freebsd.org>; Sun, 16 Feb 2003 13:54:25 -0800 (PST)
Received: from pintail.mail.pas.earthlink.net (pintail.mail.pas.earthlink.net [207.217.120.122])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 31DEA43F85
	for <freebsd-questions@freebsd.org>; Sun, 16 Feb 2003 13:54:25 -0800 (PST)
	(envelope-from walterk1@earthlink.net)
Received: from user-0cal9lv.cable.mindspring.com ([24.170.166.191] helo=earthlink.net)
	by pintail.mail.pas.earthlink.net with esmtp (Exim 3.33 #1)
	id 18kWjt-000482-00; Sun, 16 Feb 2003 13:54:21 -0800
Message-ID: <3E50088B.1020108@earthlink.net>
Date: Sun, 16 Feb 2003 16:54:19 -0500
From: Walter <walterk1@earthlink.net>
User-Agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X; en-US; rv:1.0.2) Gecko/20021120 Netscape/7.01
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: Bill Moran <wmoran@potentialtech.com>
Cc: Giorgos Keramidas <keramida@ceid.upatras.gr>,
	Questions <freebsd-questions@freebsd.org>
Subject: Re: allowing access to a single directory
References: <3E4FA06D.1070508@earthlink.net> <20030216184533.GB86184@gothmog.gr> <3E5003C7.2020302@earthlink.net> <3E5006FC.9040304@potentialtech.com>
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

Bill Moran wrote:
> Walter wrote:
> 
>> Giorgos Keramidas wrote:
>>
>>> On 2003-02-16 09:30, Walter <walterk1@earthlink.net> wrote:
>>>
>>>> I want to allow an anonymous FTP user to see a directory in another
>>>> slice, so I put a symbolic link to it.  But then anyone could access
>>>> my entire file system by appending combinations of "../" to a path
>>>> name; e.g. "ls share/../".  Is there a way to stop this by only
>>>> allowing access to the linked directory and nothing more?
>>>
>>> Symlinks in anonymous FTP don't work, since anonymous ftp sessions are
>>> chrooted in the home directory of the `ftp' user.  You should probably
>>> move the files in ~ftp/stuff and then symlink to ~ftp/stuff from other
>>> parts of your tree.
>>
>> The /var slice does not have enough space to hold
>> these files.  So it sounds like I need to find
>> another solution (like move in another HD).  Thanks.
> 
> You could always move the FTP directory to a slice that has room.

Yes, I actually thought of that, but then I'd leave
my (in this case) /usr slice vulnerable to being
filled-up with ... junk.  Unless I put in quotas,
I suppose.  Hmmm.  I'll think on that; but I also
have an HD which I'm not really using.


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message