Adam Bender <[EMAIL PROTECTED]> writes: > On 26 Oct 2002, Lowell Gilbert wrote: > > > Adam Bender <[EMAIL PROTECTED]> writes: > > > > > I would like to create an account to be used for FTP. Since the password > > > will be known by a couple people / could be sniffed since it's not sftp, I > > > would obviously like to limit the powers of this user as much as possible. > > > Specifically, I would like it to be able to create and read files in it's > > > own directory, and that's it. No execution capabilities, unable to read > > > files not in its directory, etc. What's the best way to do this? > > > > Chroot it within ftp (read the ftpd man page, natch) and give the > > account an invalid shell. > > > > Thanks for the help. Does this mean I should add /nonexistent to > /etc/shells, since ftpd will not allow a user to connect who is not using > a shell in that file?
Sort of. I'd recommend doing that with a different shell name, not one already used for other accounts. I shouldn't have used the term "invalid" shell, but you seem to have gotten the right idea anyway. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-questions" in the body of the message
