[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Nosy ftp users

On Fri, 2002-04-19 at 09:48, Mark Janssen wrote:
> On Fri, 2002-04-19 at 10:42, Patrick Kirk wrote:
> > I have a Proftpd ftp server with a user called ftp whose password is
> > given to clients who need to get drivers, etc.
> > Just realised that someone has logged on and cd-ed to my directory and
> > downloaded a mailbox.
> > But how can I prevent people doing this, as it's a very lax setup that
> > could well lead to trouble?
> 1. Make sure directories with 'critical' information are not
> world-readable (like home-dirs, mailboxes etc)
> 2. Chroot the ftp-account with the files under it (proftp supports

Thanks - this seems the best way.  

chmod -R 1700 /home

Is that the right command?  Will samba still work with those



To UNSUBSCRIBE, email to debian-user-request@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to: