[X4U] Setting up SAFE FTP in 10.4.6

Jon Kreisler jonkreisler at gmail.com
Wed Aug 30 12:08:37 PDT 2006


One problem is, users can always move "down" a directory tree.
You can restrict a user to their home directory tree using the ftpchroot
file (/etc/ftpchroot).
This will prevent users from getting to another directory tree, but if their
home folder contains folders, they have access.
You could set the home directory of the users you wish to restrict to some
public folder and then use the ftpchroot file to specify the userids
affected. The problem with this is, if they are going to access the Mac as a
normal GUI user (as opposed to just using FTP) they will have problems.
There is an article on implementing ftpchroot:
http://www.macosxhints.com/article.php?story=20010508211503599


On 8/30/06, revDAVE <coolcat at hosting4days.com> wrote:
>
> I have a Mac - Computer 1 running 10.4.6
>
> Computer 1 will be the FTP server - so ...
>
> - I created a standard user ( not administrator)
> - I went to sharing services and added FTP access
>
> - Then on another computer - I logged in to computer 1 using an FTP app.
>
> - The problem is: I was able to see the entire user folder and apparently
> had full access to all folders - including library folders etc. also - as
> a
> test I was able to rename/delete some of these important library files -
> proving that I had full access.
>
> - Obviously this is not a safe way to go!
>
> Q: What is the best way to set up Tiger so that you can create a safe FTP
> account? All I really need is to have access to some kind of public folder
> only.
>
> --
> Thanks - RevDave
> CoolCat at hosting4days.com
> [db-lists]
>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://listserver.themacintoshguy.com/pipermail/x4u/attachments/20060830/dcba731e/attachment.html


More information about the X4U mailing list