Re: [cobalt-users] changing default ftp login folders

[Jeff Lasman <jblists@xxxxxxxxxxxxx>]

At 01:04 PM 3/16/00 -0500, you wrote:

> login as root. look inside /etc/passwd. You'll see:
>    test:x:144:100:TestUser:/home/sites/site23/users/test:/bin/bash
>
> change it to:
>    test:x:144:100:TestUser:/home/sites/site23/web:/bin/bash
>
> This will allow people to log into the correct directory when then FTP in,
> and also open a huge security hole as now any siteadmin can view the files
> from any site hosted on the raq. (or at least thats what happened when i did
> this.)

You must have done something else.  This change will not affect any rights 
anywhere.  It won't even affect the rights of user test.  It just affects 
where the user logs in to.  Nothing more.

It does create another "issue", though...

If you delete this user, you've deleted the website.  Not good.

> To fix that you need to alter the proftpd.conf file.
> in the area that looks like this
>
> ServerName          "ProFTPD"
> ServerType          inetd
> DeferWelcome            off
> DefaultServer           on
> DefaultRoot         / admin
> DefaultRoot         ~/.. site-adm
> DefaultRoot         ~ !site-adm
>
>
> change the following
> DefaultRoot         ~/../.. site-adm
> to
> DefaultRoot         ~/.. site-adm
>
> This worked for me, but im not sure about its effects with telnet or other
> services.

I haven't studied proftpd in a long time (months, in fact), but this 
shouldn't affect rights either.  It can affect where other admins can 
browse, but it shouldn't affect their rights once they've gotten there.

Jeff

--
Jeff Lasman <jblists@xxxxxxxxxxxxx>