From owner-freebsd-questions  Tue Jun 11 08:34:24 1996
Return-Path: owner-questions
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.5/8.7.3) id IAA07788
          for questions-outgoing; Tue, 11 Jun 1996 08:34:24 -0700 (PDT)
Received: from mistery.mcafee.com (jimd@mistery.mcafee.com [192.187.128.69])
          by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id IAA07765
          for <questions@freebsd.org>; Tue, 11 Jun 1996 08:34:16 -0700 (PDT)
Received: (from jimd@localhost) by mistery.mcafee.com (8.6.11/8.6.9) id IAA10897; Fri, 11 Jun 2010 08:28:47 -0700
From: Jim Dennis <jimd@mistery.mcafee.com>
Message-Id: <201006111528.IAA10897@mistery.mcafee.com>
Subject: Re: Restrict ftp
To: dwhite@resnet.uoregon.edu
Date: Fri, 11 Jun 110 08:28:47 -0700 (PDT)
Cc: jalves@bsi.com.br, questions@freebsd.org
In-Reply-To: <Pine.BSF.3.91.960611023914.5301I-100000@riley-net170-164.uoregon.edu> from "Doug White" at Jun 11, 96 02:40:42 am
X-Mailer: ELM [version 2.4 PL24]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-questions@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

> 
> On Sat, 8 Jun 1996, Joao Alves Junior wrote:
> 
> > Could anyone tell me if there are some way to close the users of ftp in a 
> > /home/username ????
> >  I want that the users of my machine can just work in yours areas.
> 
> Users that login through ftp have the same permissions as if they 
> telnetted in and used their shell account.  If your permissions are set 
> right then they can't do any more damage than they could from their 
> normal login.
> 
> You may be able to hack something with wu-ftpd; it's pretty 
> configurable.  I'm not a wu-ftpd guru so I can't say for sure, though.

	Nothing needs to be *hacked* -- just read the man pages,
	add all of the users that you wish to restrict to some
	group (like 'ftponly').  Add the group to your /etc/group file
	and list that group in your ftpaccess file with a 'guestgroup'
	directive.

	You can then use wu-ftpd's features to force all ftp access by
	members of this group into suitably configured chroot'd 
	environments.

	It's all in the man pages (somewhere) and wu-ftpd is covered
	pretty thoroughly in O'Reilly's _Managing_Internet_Information_
	_Services_ (the "marmot" book).

Jim Dennis,
System Administrator,
McAfee Associates