Hey folks,
How would I allow a user to connect to an FTP server, upload and download
files and delete files as well, if that server is in enforcing mode for
SELinux?
I'm using proftpd 1.3.5 on CentOS 7.
Thank you!
Tim
--
GPG me!!
gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B
_
On 3/2/2015 2:31 PM, Tim Dunphy wrote:
How would I allow a user to connect to an FTP server, upload and download
files and delete files as well, if that server is in enforcing mode for
SELinux?
step 1) delete FTPD, and use ssh/scp/rscp instead.
--
john r pierce
On 3/2/2015 2:34 PM, John R Pierce wrote:
step 1) delete FTPD, and use ssh/scp/rscp instead.
errr, I meant, sftp, not rscp
--
john r pierce 37N 122W
somewhere on the middle of the left coast
___
CentOS mailin
>
> errr, I meant, sftp, not rscp
Heh.. yeah. But the client isn't gonna go for that. LOL. Any way to allow
regular ol' FTP using SELinux? Or does that just defeat the purpose of
having a secure SELlinux server entirely?
Thanks
Tim
On Mon, Mar 2, 2015 at 5:35 PM, John R Pierce wrote:
> On 3
>
> Heh.. yeah. But the client isn't gonna go for that. LOL. Any way to allow
> regular ol' FTP using SELinux? Or does that just defeat the purpose of
> having a secure SELlinux server entirely?
>
Maybe use FTP in a jail? Or Linux containers?
___
CentO
2015-03-03 0:43 GMT+02:00 Tim Dunphy :
> >
> > errr, I meant, sftp, not rscp
>
>
> Heh.. yeah. But the client isn't gonna go for that. LOL. Any way to allow
> regular ol' FTP using SELinux? Or does that just defeat the purpose of
> having a secure SELlinux server entirely?
>
FTP is not safe as
Also check this out: http://www.bitvise.com/ftp-bridge
--
Eero
2015-03-03 0:51 GMT+02:00 Eero Volotinen :
>
>
> 2015-03-03 0:43 GMT+02:00 Tim Dunphy :
>
>> >
>> > errr, I meant, sftp, not rscp
>>
>>
>> Heh.. yeah. But the client isn't gonna go for that. LOL. Any way to allow
>> regular ol' FTP
Good advice guys. I'll check out vsftpd. Thanks!
Tim
Sent from my iPhone
> On Mar 2, 2015, at 5:55 PM, Eero Volotinen wrote:
>
> Also check this out: http://www.bitvise.com/ftp-bridge
>
> --
> Eero
>
> 2015-03-03 0:51 GMT+02:00 Eero Volotinen :
>
>>
>>
>> 2015-03-03 0:43 GMT+02:00 Tim Dun
On 03/02/2015 11:55 PM, Eero Volotinen wrote:
Also check this out: http://www.bitvise.com/ftp-bridge
you could also recommend filezilla to your clients, it's available for
mac, microsoft and linux and supports sftp.
But I know there are still use cases for ftp.
_
On Mon, Mar 2, 2015 at 5:51 PM, Eero Volotinen
wrote:
> 2015-03-03 0:43 GMT+02:00 Tim Dunphy :
>
> > >
> > > errr, I meant, sftp, not rscp
> >
> >
> > Heh.. yeah. But the client isn't gonna go for that. LOL. Any way to allow
> > regular ol' FTP using SELinux? Or does that just defeat the purpos
On Mar 2, 2015, at 3:43 PM, Tim Dunphy wrote:
>
>>
>> errr, I meant, sftp, not rscp
>
> But the client isn't gonna go for that. LOL.
Why not?
SFTP clients are now as readily available as FTP clients.
Unless you’re going to tell me it needs to be done from a box you absolutely
positively c
On Mon, Mar 2, 2015 at 4:43 PM, Tim Dunphy wrote:
>>
>> errr, I meant, sftp, not rscp
>
>
> Heh.. yeah. But the client isn't gonna go for that. LOL. Any way to allow
> regular ol' FTP using SELinux? Or does that just defeat the purpose of
> having a secure SELlinux server entirely?
What is the
On Tue, Mar 3, 2015 at 2:33 PM, Les Mikesell wrote:
> On Mon, Mar 2, 2015 at 4:43 PM, Tim Dunphy wrote:
> >>
> >> errr, I meant, sftp, not rscp
> >
> >
> > Heh.. yeah. But the client isn't gonna go for that. LOL. Any way to allow
> > regular ol' FTP using SELinux? Or does that just defeat the
On Mar 3, 2015, at 2:30 PM, Brian Mathis
wrote:
>
> people are bound by corporate restrictions
That seems like an awfully convenient rug to sweep problems under.
Can’t fix a security problem? Corporate restrictions!
Can’t require sensible security defaults restrictions by default? Corporate
Guys,
I hear all your arguments against using FTP. I completely get all that.
But I am making things a little bit safer by using virtual users that have
no access to the file system. The ftp user account has a shell of
/bin/false. And I was able to get proftpd working with SELinux
using setsebool
>
> I hear all your arguments against using FTP. I completely get all that.
> But I am making things a little bit safer by using virtual users that have
> no access to the file system. The ftp user account has a shell of
> /bin/false. And I was able to get proftpd working with SELinux
> using sets
16 matches
Mail list logo
