Complete.Org: Mailing Lists: Archives: linux-help: July 2002:
[linux-help] Re: [linux-help]
Home

[linux-help] Re: [linux-help]

[Top] [All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index] [Thread Index]
To: linux-help@xxxxxxxxx
Subject: [linux-help] Re: [linux-help]
From: "Jonathan Hall" <jonhall@xxxxxxxxxxxx>
Date: Thu, 18 Jul 2002 01:30:36 -0500 (CDT)
Reply-to: linux-help@xxxxxxxxx

That's as it should be... if you connect to your FTP server as user 'joe',
you'd expect to be able to access any file that 'joe' normally would be
able to access--thus any file on the file system with world-readable
permissions.

If you're able to access other files as an anonymous user, though, then
that's another issue.  Typically, the anonymous user can access only files
in the ftpd's home directory (frequently /home/ftp, or similar).  If this
is not the default for your ftpd, then I suggest finding another ftpd.

-- Jonathan


> Hi friends,
>
>       I have found (much to my horror) that unless there is a chroot
> setup done for ftp servers, they allow access to the entire disk
> structure by default to any valid user - (this i found in installs of
> redhat/wu-ftpd and mandrake/pro-ftpd) - and as a real user, i am able
> to get even the /etc/passwd via ftp.=20
>
> I have read in some sites that this was a bug in older ftp versions and
> has been fixed in the new releases. But what i am seeing is the
> opposite. Is there a way to limit this other than chroot (which seems
> to be the best alternative) ? Just changing the permissions dont seem
> to be a good idea. Correct me if i am wrong.
>
> thanks in advance,
> Hareesh.
> -- This is the linux-help@xxxxxxxxx list.  To unsubscribe,
> visit http://www.complete.org/cgi-bin/listargate-aclug.cgi



-- This is the linux-help@xxxxxxxxx list.  To unsubscribe,
visit http://www.complete.org/cgi-bin/listargate-aclug.cgi


[Prev in Thread] Current Thread [Next in Thread]