RE: [cobalt-users] Allowing FTP Root access

["Carrie Bartkowiak" <admin@xxxxxxxxxxxxxxxxxx>]

"what is preventing them from loging in to telnet as admin and
su to root?  They can do the same damage that way!"
They can if you haven't changed the password for root. There are some people
who have done that, they have different passwords for admin and root.  You
could probably find some instructions on this in the archive, I don't have
them offhand. Still, it's just one more step for them. Any steps you can
throw in a hacker's way are good. They can always get around something, but
why make it *too* easy for them, you know?

"What are the commands to change the permissions on a folder... is it
something like:
chown admin /foldername
Then to change it back...
chown root /foldername"
Yes. If you're already in the directory then you don't need to put in the
slash. It could be
chown admin index.html
chown root index.html
If you're not in the directory, you'll have to do the full path
chown admin /path/to/index.html
chown root /path/to/index.html
That's for the ownership of the file.
Changing the permissions is just as easy. Do you know about CGI permissions?
If you do, then through telnet you can type
ls -l
and that will give you a list of everything in the directory and its
permission. (rw+r+r for example)
You need to know the number that correlates to that rw+r+r statement. (for
the example it's 644)
Read = 4
Write = 2
eXecute = 1
So just add the numbers up; rw means read and write, 4+2, so it would be 6.
The remaining r+r is read and read, which are both 4... the whole thing
comes out to 644.
To change something so that anyone can read it, write to it, and execute it,
the chmod permission is 777. So in telnet you'd do:
chmod 777 index.html
Then once you're done making your changes to the file through ftp, set it
back.
chmod 644 index.html

You could probably do this with a lower setting, but 777 is just quick and
easy.

Carrie Bartkowiak