Re: wu-ftpd security

To: Ross Tsolakidis <rtsolakidis@powerserve.com.au>
Cc: "'debian-user@lists.debian.org'" <debian-user@lists.debian.org>
Subject: Re: wu-ftpd security
From: Mike Dresser <mdresser_l@windsormachine.com>
Date: Mon, 10 Feb 2003 10:07:43 -0500 (EST)
Message-id: <[🔎] Pine.LNX.4.33.0302101005210.10884-100000@router.windsormachine.com>
In-reply-to: <[🔎] B33CC7FE7630D411818300D0B74A035E01C621ED@PSMELEXC01>

On Mon, 10 Feb 2003, Ross Tsolakidis wrote:

> Hi all,
>
> With wu-ftpd installed, by default the user can ftp to his home directory,
> but can then just go up a few dirs and view the entire filesystem.
> Is there some way to limit wu-ftpd from doing this, I just want the users to
> have access to their own home dirs and thats it.

guest-root /home username

restricted-uid username

allow-uid username

deny-uid %-65535

The allow-uid line has the advantage of not allowing ftp to anyone that
isn't in the allow-uid field.

If they try to go up a level it will give them an error message to the
effect that they are restricted in what they can do.

Mike

Reply to:

References:
- wu-ftpd security
  - From: Ross Tsolakidis <rtsolakidis@powerserve.com.au>

Prev by Date: SB Audigy 5.1 on Debian
Next by Date: Re: sndfile.pc ?
Previous by thread: wu-ftpd security
Next by thread: changing from mbox to maildir
Index(es):
- Date
- Thread