Allowing Anonymous FTP

Malcolm Kay malcolm.kay at internode.on.net
Sat Feb 14 17:37:56 PST 2004


On Sun, 15 Feb 2004 08:29, GRF . wrote:
>    I wanted to see how the anonymous FTP option worked on FreeBSD so I
> enabled it on my "test" box.  I haven't been able to find out much info
> about locking down to a default directory.  Is there a way to, let's say,
> block all directories when logging in and open right up to the /incoming
> directory?  It doesn't seem smart to have the /etc directory visible with
> the "group" and "passwd" file readable.  At the very least is there a way
> to make the /bin and /etc directory hidden?  Thanks

Have you read the ftpd man page?
Anonymous ftp with a normal setup does not allow access to the system /etc
directory. On anonymous login to ftp you are effectively chroot'ed to the
ftp home directory and can only see or operate on files in the tree down from 
that point. From within ftp that home directory (/home/ftp/) appears as 
the directory /.

If you want ftp users to see user and group names from 'ls' rather than
numerical identities then you'll need a subdirectory under the ftp home directory
called etc and containing a copy of the system /etc/group file and /etc/pwd.db.
The password database pwd.db does not contain passwords, coded or
otherwise so this is fairly safe. I guess you could also consider constructing
special versions of these files for use in /home/ftp/etc containing only the names
you want visible under 'ls' to ftp users.

You might also need /home/ftp/bin containing a copy of ls to be called when
command ls or dir is given in the ftp client.

Malcolm Kay
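
Added example (not part of the original message or of FreeBSD itself): one way to produce the "special versions" of the account files mentioned above, keeping only chosen names and making sure no password field survives. The function names and sample data are constructed for illustration; turning the reduced passwd text into pwd.db (pwd_mkdb on FreeBSD) is assumed to happen afterwards and is not shown.

```sh
#!/bin/sh
# Added example: reduced account files for an anonymous-FTP etc/ directory.
# All names and sample data are constructed for illustration.

# filter_passwd NAME... : read master.passwd(5)-format lines on stdin, keep only
# the listed accounts, and overwrite password, home and shell fields.
filter_passwd() {
    awk -F: -v OFS=: -v keep="$*" '
        BEGIN { n = split(keep, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        /^#/ || NF != 10 { next }   # skip comments and malformed lines
        ($1 in ok) { $2 = "*"; $9 = "/"; $10 = "/usr/sbin/nologin"; print }'
}

# filter_group NAME... : same idea for group(5); the member list is dropped
# because ls only needs the gid-to-name mapping.
filter_group() {
    awk -F: -v OFS=: -v keep="$*" '
        BEGIN { n = split(keep, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        /^#/ || NF != 4 { next }
        ($1 in ok) { $2 = "*"; $4 = ""; print }'
}

# leaks_hash : succeed (exit 0) if any entry on stdin still carries something
# other than "*" or an empty string in the password field.
leaks_hash() {
    awk -F: '!/^#/ && NF >= 4 && $2 != "*" && $2 != "" { found = 1 }
             END { exit !found }'
}

sample_passwd() {   # constructed sample, not real accounts or hashes
    cat <<'EOF'
# constructed sample
root:$2b$04$CONSTRUCTEDHASH:0:0::0:0:Charlie &:/root:/bin/csh
ftp:*:14:5::0:0:Anonymous FTP:/home/ftp:/usr/sbin/nologin
alice:$2b$04$CONSTRUCTEDHASH:1001:1001::0:0:Alice:/home/alice:/bin/sh
EOF
}

sample_group() {    # constructed sample
    printf '%s\n' 'wheel:*:0:root,alice' 'ftp:*:5:' 'staff:*:20:alice'
}

sample_passwd | filter_passwd root ftp
sample_group  | filter_group wheel ftp
if sample_passwd | filter_passwd root ftp | leaks_hash; then
    echo "hash still present" >&2
fi
```

Running leaks_hash over whatever text is about to be placed in the FTP tree's etc directory is a quick check before publishing it.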


