[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-users] Disable FTP Access
- Subject: Re: [cobalt-users] Disable FTP Access
- From: Larry Smith <lesmith@xxxxxxxxx>
- Date: Thu Apr 24 17:07:01 2003
- Organization: ECSIS.NET
- List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>
On Thursday 24 April 2003 17:48, Mailing List wrote:
> On 4/23/03 5:46 PM, "Gerald Waugh" wrote:
> >>> <VirtualHost stretchedout.com>
> >>> <Limit LOGIN>
> >>> DenyAll
> >>> </Limit>
> >>> </VirtualHost>
> >>
> >> What happens if someone logs in by IP instead?
> >
> > What about
> >
> > <Limit Login>
> > DenyGroup Site4, Site5, Site6
> > </Limit>
> >
> > With Site4, Site5, and Site6 being the members of those sites?
>
> Okay what about I want accounts to be able to ftp to their user account
> folders but not to the web root. But still allow the Siteadmin to add and
> delete accounts, just not allowing FTP access to the web root??
>
> We have proprietary Apps we would rather the clients don't have access to
> in the web root.
>
> Also does the above posted by Gerald work?? Looks promising:)
RTFM
http://proftpd.linux.co.uk/localsite/Userguide/linked/chroot.html
The manual is quite specific about the "default" behavior of proftpd is to
limit users to their own directory _unless_ that user is the "admin" for the
domain/virtual domain in question. So you don't have to do anything for
"regular" users, they can only access their space. Don't assign an admin, or
assign one you can "trust" (and if you can't, then you have bigger problems).
Larry Smith
SysAd ECSIS.NET
sysad@xxxxxxxxx