On Fri, 2005-03-18 at 21:10 -0600, B.J. Scott wrote: > I'm having an issue with vsftpd (on Fedora Core 3) > > I have three users: software, games, and music > > I made the following directories: > > /ftp/software > /ftp/games > /ftp/music > > and set each user's home directory to the relevant directory with the > following commands: > > useradd -d /ftp/software software > useradd -d /ftp/games games > useradd -d /ftp/music music > (I can't remember the commands; I think that's it, but anyhow, it > worked) > > these accounts are going to be used just for FTPing and downloading the > respective content; that's why I made their home directories as such. > > So ... when the user 'software' ftp's in (from internet explorer, or > what have you), he is presented with 'software on p4' (a folder mapped > to a windows share (he can traverse it and download anything in there > fine) > > However, the problem arose when I went to a command prompt (in Windows) > and ran the following : > > ftp ipaddress > login: software > password: blahblah** > > it logs in fine > > the problem is this ... if you type in 'cd ..' it actually takes you > to the parent directory (/ftp) > if you do it again, it takes you to root (/) > > In my opinion this is a problem. Is there a way to deny a particular > user access to a particular directory and if not, how would I go about > securing this? The user 'software' is even able to download from the > other directories (like /etc) Look at the first question in the vsftpd FAQ: ftp://vsftpd.beasts.org/users/cevans/untar/vsftpd-2.0.2/FAQ Q) Can I restrict users to their home directories? A) Yes. You are probably after the setting: chroot_local_user=YES Paul. -- Paul Howarth <paul@xxxxxxxxxxxx>
