Menu
▾
▴
Re: How to protect etc/bin/sbin files from access by ftp users ?
|
From: Francis W. <fr...@fr...> - 2003-05-06 16:30:04
|
Thanks a lot. Now, users are blocked to browse others. But is it possible to allow at least one user who can have previlage to navigate others for ftp. Hope that it will not make you turning round and round. Thanks again... Francis ----- Original Message ----- From: "Cary Robinson" <ca...@ca...> To: <web...@li...> Sent: Tuesday, May 06, 2003 10:50 PM Subject: Re: How to protect etc/bin/sbin files from access by ftp users ? > Are you using WU-FTP ? > If so, in the "Users and Classes" properties select "All Users" where it asks: > "Unix users and UIDs to treat as guests" > > Also make sure that "Guest" is selected (Checkbox) in the user types > section of the user classes properties. > Guest in this case is a little misleading. It doesn't mean guest as in a > user that doesn't have an account. A better (slightly) definition would be > something like a user that has an account but you want them locked into > their own account/folder. > > Cary > > > At 05:04 PM 5/6/2003 +0800, you wrote: > >Hi Cary, > > > >How to set user be a guest with different user passwords and how to lock > >them to their own home folder ? > > > >Francis > > > > > >----- Original Message ----- > >From: "Cary Robinson" <ca...@ca...> > >To: <web...@li...> > >Sent: Tuesday, May 06, 2003 12:59 AM > >Subject: Re: How to protect etc/bin/sbin files from access by ftp users ? > > > > > > > Adding users as "Guests" rather than "Unix Users" locks them into their > >own > > > home directory. > > > If you need them to have access out of their home directory I am sure > > > somebody else will have more info on how to do this than me. > > > > > > Cary > > > > > > > > > > > > At 12:02 AM 5/6/2003 +0800, you wrote: > > > >Hi, > > > > > > > >I have just set up a web server using webmin. It works fine. > > > >But I don't understand why ftp users can access files in /etc, /bin, > >/sbin > > > >by default. > > > >Can I set all those system files to 640. Or need to do it in custom ? > > > >Some of the passwd data was found in user's directory. Are their any > > > >system necessary files needed to be executed by users ? Users are > > > >assigning to /sbin/nologin shell but it still seems no security at > > > >all. I have no idea to secure my web server. Pls help. > > > > > > > >Rgds, > > > >Francis > > > > > > > > > > > > ------------------------------------------------------- > > > This sf.net email is sponsored by:ThinkGeek > > > Welcome to geek heaven. > > > http://thinkgeek.com/sf > > > - > > > Forwarded by the Webmin mailing list at > >web...@li... > > > To remove yourself from this list, go to > > > http://lists.sourceforge.net/lists/listinfo/webadmin-list > > > > > > > > > > >------------------------------------------------------- > >This sf.net email is sponsored by:ThinkGeek > >Welcome to geek heaven. > >http://thinkgeek.com/sf > >- > >Forwarded by the Webmin mailing list at web...@li... > >To remove yourself from this list, go to > >http://lists.sourceforge.net/lists/listinfo/webadmin-list > > > Cary Robinson > IT Manager / Software Engineer > Cabinets Deluxe Inc. > 512-259-2531 Ext.222 > > > > ------------------------------------------------------- > Enterprise Linux Forum Conference & Expo, June 4-6, 2003, Santa Clara > The only event dedicated to issues related to Linux enterprise solutions > www.enterpriselinuxforum.com > > - > Forwarded by the Webmin mailing list at web...@li... > To remove yourself from this list, go to > http://lists.sourceforge.net/lists/listinfo/webadmin-list > |