Just add
DefaultRoot "~"
to the proftpd.conf
In this case it does not matter if your
user has a shell or not!
But better create ftp-users with no shell!
Regards,
Martin
On 26-Jun-2001 Luc MAIGNAN wrote:
> Hi,
>
> I use proftpd to allow users to connect to my server via ftp. I've de
Look up the DefaultRoot directive in the proftpd documentation.
-hpknight
On Tue, 26 Jun 2001, Luc MAIGNAN wrote:
> Hi,
>
> I use proftpd to allow users to connect to my server via ftp. I've declared a
> new user on my server, and set its home directory to /home/newuser. But in
> this case, I
Hi,
I use proftpd to allow users to connect to my server via ftp. I've declared a
new user on my server, and set its home directory to /home/newuser. But in
this case, I have a security problem : when connected, the root directory for
ftp is still :/home/newuser; so he can access the tree /home
Look up the DefaultRoot directive in the proftpd documentation.
-hpknight
On Tue, 26 Jun 2001, Luc MAIGNAN wrote:
> Hi,
>
> I use proftpd to allow users to connect to my server via ftp. I've declared a
> new user on my server, and set its home directory to /home/newuser. But in
> this case,
Hi,
I use proftpd to allow users to connect to my server via ftp. I've declared a
new user on my server, and set its home directory to /home/newuser. But in
this case, I have a security problem : when connected, the root directory for
ftp is still :/home/newuser; so he can access the tree /hom
According to man utmp on potato I386, PII:
> # a) Size of utmp record (sizeof(struct utmp)) for your host.
384
> # b) Offset to tty field from beginning of record.
6
> # c) Length of tty field.
32
> # d) Offset to username field from beginning of record.
42
> # e) Length of username field.
32
> #
According to man utmp on potato I386, PII:
> # a) Size of utmp record (sizeof(struct utmp)) for your host.
384
> # b) Offset to tty field from beginning of record.
6
> # c) Length of tty field.
32
> # d) Offset to username field from beginning of record.
42
> # e) Length of username field.
32
> #
See inline...jc
Thusly Thwacked By Davy Gigan:
> Marco Tassinari writes:
> >
> >
> > Hallo,
> > I wonder what is the best solution for security in this ascii-art
> > network:
> >
> >
> >[router]
> > |
> >[let's call it firewall even if it's n
Marco Tassinari writes:
>
>
> Hallo,
> I wonder what is the best solution for security in this ascii-art
> network:
>
>
>[router]
> |
>[let's call it firewall even if it's not one for the moment]
> |
> +-
Hallo,
I wonder what is the best solution for security in this ascii-art
network:
[router]
|
[ ]
|
+--|-||
| | ||
[server]
See inline...jc
Thusly Thwacked By Davy Gigan:
> Marco Tassinari writes:
> >
> >
> > Hallo,
> > I wonder what is the best solution for security in this ascii-art
> > network:
> >
> >
> >[router]
> > |
> >[let's call it firewall even if it's
Is the unix socket system secure enough that maybe you could run some
kind of authentication daemon (pammish type thingy) and have the login
progs authenticate against it using unix sockets?
Then the authentication daemon could spawn the login shell?
It would be another way to keep login prog fur
Marco Tassinari writes:
>
>
> Hallo,
> I wonder what is the best solution for security in this ascii-art
> network:
>
>
>[router]
> |
>[let's call it firewall even if it's not one for the moment]
> |
> +
Hallo,
I wonder what is the best solution for security in this ascii-art
network:
[router]
|
[ ]
|
+--|-||
| | ||
[server]
Is the unix socket system secure enough that maybe you could run some
kind of authentication daemon (pammish type thingy) and have the login
progs authenticate against it using unix sockets?
Then the authentication daemon could spawn the login shell?
It would be another way to keep login prog fu
15 matches
Mail list logo
