One way to add some functionality without uids on the box is to use a random
password generator to generate hidden directory names.. of course you would
need a secure way of getting the info to the user.. (pgp or maybe a web server
runnning ssl).
acs
On 08-May-00 Ng, Kenneth \(US\) wrote:
> I had proposed the following for a ftp server that would accept anonymous
> ftp for a firm:
> - Run RedHat Linux on a box with lots of disk space.
> - Disable all services except for ftp and ssh (for management).
> - Use tcp wrappers to generate two chroot'ed ftp daemons. People inside the
> firm would get to one daemon, people outside of the firm would be able to
> get to the other.
> - There would be two directories, in.coming, and out.going. Ownerships were
> such that from the outside, you could write into directory in.coming and
> read from out.going. From the inside, you could write into out.going, and
> read from in.coming.
> - One cron process would remove all files over 12 hours old, to prevent this
> from becoming a warz ftp server.
>
> The project is on hold due to lack of funding and a business driver. There
> were still some details to be worked out as to what owner did what. What I
> would have liked ideally was for two seperate chroot'ed ftp ids, and have a
> cron process that would move files back and forth across the chroot'ed
> section. In that way the ftp server would be very restricted on what it
> could do, and from the outside one could not put files that others on the
> outside could read. This would allow internal people to put up files for
> their vendor to read, and vendors could drop off files for users in the firm
> to read.
>
> On Monday, May 08, 2000 3:54 PM, Luiz Eduardo [SMTP:[EMAIL PROTECTED]] wrote:
>> Hello !
>>
>> Good morning. Does anybody have idea of as to implement a ftp server for
>> external users they deposit files?
>> In my case I created an incoming area, and I gave permission for writing
>> for everybody in this directory and I removed the reading permission.
>> How should I review these files to my users?
>> Now I am making everything in the hand.
>> Does anybody have idea of as to improve this service?
>>
>> -
>> [To unsubscribe, send mail to [EMAIL PROTECTED] with
>> "unsubscribe firewalls" in the body of the message.]
> *****************************************************************************
> The information in this email is confidential and may be legally privileged.
> It is intended solely for the addressee. Access to this email by anyone else
> is unauthorized.
>
> If you are not the intended recipient, any disclosure, copying, distribution
> or any action taken or omitted to be taken in reliance on it, is prohibited
> and may be unlawful. When addressed to our clients any opinions or advice
> contained in this email are subject to the terms and conditions expressed in
> the governing KPMG client engagement letter.
> *****************************************************************************
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
_______________________
Aaron C. Springer
[EMAIL PROTECTED]
pgp key published
_______________________
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
