Date: Thu, 30 Dec 2004 23:59:56 -0500 From: Chuck Swiger <cswiger@mac.com> To: CHris Rich <freebsdnews@gmail.com> Cc: questions@freebsd.org Subject: Re: proftpd permissions and restrictions help Message-ID: <41D4DCCC.3020106@mac.com> In-Reply-To: <8292450b041230095411c9e21c@mail.gmail.com> References: <8292450b041230095411c9e21c@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
CHris Rich wrote: > I am setting up an ftp server for a few friends using pro ftp. I need > to implement restrictions based on usernames. > > Here is what I want: an account for being able to only browse the ftp > site, an account for uploading, and an account for downloading based > on the user. FTP daemons support the notion of an anonyous user, and of named users (typically normal Unix user accounts). Anonymous users can only browse under /var/ftp in a typical configuration, but you can set up a world-writable /var/ftp/pub/incoming directory and a cron job that moves files in there somewhere else every five minutes (to avoid warez redistributors from hosting crap on your site). Normal users will be able to read and write whereever their user account permissions let them, but you can set up user-owned areas or even a group-writable area under /var/ftp/ if you want to do that instead. However, I would also recommend you avoid using authenticated FTP users for anything you really care about in terms of security: use FTP for anonymous access only, and use scp for authenticated/secure access. If that doesn't fit your circumstances, consider using HTTPS and WebDAV... -- -Chuck
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?41D4DCCC.3020106>