proftpd permissions and restrictions help
cswiger at mac.com
Thu Dec 30 20:58:12 PST 2004
CHris Rich wrote:
> I am setting up an ftp server for a few friends using pro ftp. I need
> to implement restrictions based on usernames.
> Here is what I want: an account for being able to only browse the ftp
> site, an account for uploading, and an account for downloading based
> on the user.
FTP daemons support the notion of an anonyous user, and of named users
(typically normal Unix user accounts).
Anonymous users can only browse under /var/ftp in a typical configuration, but
you can set up a world-writable /var/ftp/pub/incoming directory and a cron job
that moves files in there somewhere else every five minutes (to avoid warez
redistributors from hosting crap on your site).
Normal users will be able to read and write whereever their user account
permissions let them, but you can set up user-owned areas or even a
group-writable area under /var/ftp/ if you want to do that instead.
However, I would also recommend you avoid using authenticated FTP users for
anything you really care about in terms of security: use FTP for anonymous
access only, and use scp for authenticated/secure access. If that doesn't fit
your circumstances, consider using HTTPS and WebDAV...
More information about the freebsd-questions