Date: Fri, 17 Nov 2000 13:22:11 +0200 From: Sheldon Hearn <sheldonh@uunet.co.za> To: Marcin Krasowski <gorg@weblab.pl> Cc: Sheldon Jones <freebsd@hobbydump.com>, freebsd-security@freebsd.org Subject: Re: chroot and ftpd Message-ID: <2281.974460131@axl.fw.uunet.co.za> In-Reply-To: Your message of "Fri, 17 Nov 2000 06:29:28 %2B0100." <3A14C238.19C7C60C@weblab.pl>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 17 Nov 2000 06:29:28 +0100, Marcin Krasowski wrote: > > Does anyone know of a way to have the chroot function in ftpd lock a > > user into a sub-directory under their user directory. I would like a > > way to keep the users in a sub-directory under their root dir. > > Just put the name of the user into the /etc/ftpchroot file (create it if > You dont have one). You may have missed the key part of Sheldon's mail that mentioned a "sub-directory". The stock ftp daemon shipped with FreeBSD does not have this facility. It wouldn't be at all difficult to extend the structure of the ftpchroot file to support this in a backward compatible manner. I wouldn't feel comfortable doing this, because I'm not convinced that the ftpchroot file is exclusively owned by and relevant to the ftp daemon. I can understand that this is a desirable feature, but I'm it's probably worth further discussion off this list, where the topic is off-charter. For example, it might be preferable to introduce a ~/ftpdrc file, the contents of which are executed under the user's userid during the FTP login. I'd suggest that interested parties follow up to me personally (_not_ to this list) and I'll post a digest back to the freebsd-current mailing list. Ciao, Sheldon. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?2281.974460131>