From: Lowell Gilbert
To: helen ly
To: questions@freebsd.org
Subject: Re: File Transfer Protocol ftpd(8)
Reply-To: questions@freebsd.org
Date: Mon, 08 Dec 2014 16:34:34 -0500
In-Reply-To: (helen ly's message of "Mon, 8 Dec 2014 00:19:52 +0100")
Message-ID: <44egs93jx1.fsf@be-well.ilk.org>

helen ly writes:

> I installed ftpd and run with ftpd -D and
> I edit ftpchroot with each user can access the files on their home-directory (users=moon and sun)
> and I created /World directory
> there is a Group called friends and friends Group member moon and sun
> how to only the users that belong to the friends Group should be able to access the /World directory

Normally, chroot is something you use when you want a user account to
access its own home directory and nothing else. How to give your users
the access you wish can be done in a number of different ways, all of
which have different security implications.

1) You can skip the chroot and use normal permissions to give the
   appropriate access.
2) You can keep the chroot and mount the common directory into the
   users' home directories via NFS or a nullfs or something along that
   line.
3) You can put the users in a jail created specifically for them, so
   the jail can be locked down without annoying the other users or
   programs running on the overall system.

There are probably other choices as well. For one thing, you could check
into alternative FTP daemons or even alternative protocols.
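
Options 1 and 2 above, sketched as an added example that is not part of the original message: group-only permissions on the shared directory, plus a check that nobody outside the group can get in. The helper names share_dir and audit_dir are hypothetical, and the home directory path /home/moon in the comments is an assumption.

```shell
#!/bin/sh
# Added example, not from the original thread.

# share_dir DIR GROUP
# Give DIR to GROUP and remove all access for "other".
# Mode 2770: rwx for owner and group, nothing for anyone else; the
# setgid bit keeps GROUP as the group of new files created in DIR.
share_dir() {
    chgrp "$2" "$1" && chmod 2770 "$1"
}

# audit_dir DIR GROUP
# Succeed only if DIR is a directory whose group is GROUP and whose
# "other" permission bits are all clear.
audit_dir() {
    line=$(ls -ld "$1" 2>/dev/null) || return 1
    perms=$(printf '%s\n' "$line" | awk '{print $1}')
    group=$(printf '%s\n' "$line" | awk '{print $4}')
    [ "$group" = "$2" ] || return 1
    case "$perms" in
        d??????---*) return 0 ;;   # e.g. drwxrws---
        *)           return 1 ;;   # world-accessible or not a directory
    esac
}

# Option 1, run as root on the FTP host (names taken from the question):
#   share_dir /World friends
#   audit_dir /World friends && echo "/World is limited to friends"
#
# Option 2, keeping the ftpchroot entries: a chrooted user cannot see
# /World, so mount it inside each home (home path is an assumption):
#   mkdir /home/moon/World
#   mount_nullfs /World /home/moon/World
# The permissions set by share_dir still apply through the nullfs mount,
# so a chrooted user outside the friends group is still refused.
```

With option 2, rerun audit_dir after any change to /World, since the mounted copy exposes whatever mode the original directory has.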