On Fri Feb 11 2000 at 09:37, Lloyd Sumpter wrote:
> Thanks for the reply!
>
> Steven Lembark wrote:
> >
> > > How do I configure my anon FTP server (on Redhat 6.1) to accept
> > > uploads? My
> > > ftpaccess file denies deletes, overwrites and renames, but not uploads.
> > > /home/ftp/ and /home/ftp/incoming/ are owned by ftp, with wrx
> > > permissions.
> > > I'd like to limit uploads to incoming if I can.
> >
> > unless you know what you are doing, allowing anonftp users
> > write access is a major security hole.
>
> I know that. But I need it in this case.
No you don't, not at all. Well, you shouldn't, and it is very likely
that you don't need to do what you think you need to do in order to
make it work like you want. :)
(See my other post that elaborates on this).
> > for the process of
> > setting it up look at any sys admin `howto book' or the
> > wuftpd man pages.
> >
> Looked there. Haven't been able to find out why it doesn't work. I've
> been setting up anon ftp on Linux and other Unix boxes for years. The
> only time uploads were denied was when I hadn't set write permission to
> the directory. Now apparently Redhat has set something up to deny
> uploads, and I can't find what it is.
RedHat follows standard security-minded configurations. You should
need to do very much to enable uploads into an incoming directory to
work for anon ftp logins.
> (RAND MODE: This is what I hate about Redhat and rpms. They do
> "what's best for you" without telling you what they did, or how to
In general, they DO do what's best for you! Really.
I've been exactly where you are now, and I know how you feel when you
are hit with this sort of issue. I moved from using a 3y/o (and
multiply-upgraded) slackware system on my home box, to using redhat as
a systems administrator in a corporate situation managing many such
boxes (client workstations, servers, routers). Once I got to know
*why* things have been done like they have, I gained a whole new
respect for rpms. And once I had learned how to re-fashion and
rebuild binaries from source rpms, I am now able to take full control
of my redhat system(s).
But in this instance, I'm puzzled - it definitely works for me. I
have no idea what you are doing (or not doing) to make it not work.
:(
> change it if you want to. And yes, I've been to www.redhat.com - they
> just say "to run anon ftp, simply install the anon-ftp rpm. For further
> information, look at the ftpaccesss man page." I went there, but it
> doesn't tell me how they stopped write access.)
> >
> > limit uploads to incomming? means what?
> >
> Meaning you can only upload (ie write access) to the ./incoming
> directory. This allows uploads, but reduces the security risk.
Cheers
Tony
