Re: wu-ftpd security
On Mon, 10 Feb 2003, Ross Tsolakidis wrote:
> Hi all,
>
> With wu-ftpd installed, by default the user can ftp to his home directory,
> but can then just go up a few dirs and view the entire filesystem.
> Is there some way to limit wu-ftpd from doing this, I just want the users to
> have access to their own home dirs and thats it.
guest-root /home username
restricted-uid username
allow-uid username
deny-uid %-65535
The allow-uid line has the advantage of not allowing ftp to anyone that
isn't in the allow-uid field.
If they try to go up a level it will give them an error message to the
effect that they are restricted in what they can do.
Mike
Reply to: