Michael F. Robbins on Thu, 2 Aug 2001 18:40:10 -0400


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[PLUG] Possible FTP solution, and new FTP question


First, for the question last night about the RedHat FTP server where a
Windows client failed and a Corel Linux client worked:

Take a look and see if the server is trying to do an IDENT lookup on the
client.  The Corel box would probably answer it (if you haven't yet shut
down IDENTD).  The Windows box would have no way of answering it.
That'd explain why one box works and the other doesn't.  I believe that
for WUFTPD, its the "-I" tag to disable IDENT lookups...


New FTP question:

I have a NetWare share mounted (successfully) in /home/MAIN-SYS (mounted
as user "root", group "mainsys").  Inside of that share are several
directories.  I want no anonymous access, and I want real users (default
group "mainsys") to be able to access (read and write) only 2 of those
subdirectories.  For example, there might be "dir1" "dir2" and "dir3" in
/home/MAIN-SYS, but I only want the users to access "dir1" and "dir2".
I want the root of the FTP system to only contain these two directories
(or in /pub or whatever).  I don't want anyone to be able to get to
"dir3" at all.

So right now, I've tried a few things.  First, I set up WUFTPD (but also
tried similar things with ProFTPD) and made a user's home directory with
symlinks to /home/MAIN-SYS/dir1, etc.  This works, in that the person
easily gets to dir1 and dir2.  But since there is no chroot(), the
person can easily navigate up the directory tree to /home/MAIN-SYS/dir3
(for which the person has full permissions).

Then I tried chrooting the user in that symlink directory.  Of course,
that didn't work, because the symlinks weren't resolved.  So you get
nothing.  And I'm pretty sure that a hard link won't work because its a
different filesystem.

Any ideas?  What I really need is some kind of FTP daemon with an Alias
command or something...

Mike


______________________________________________________________________
Philadelphia Linux Users Group       -      http://www.phillylinux.org
Announcements-http://lists.phillylinux.org/mail/listinfo/plug-announce
General Discussion  -  http://lists.phillylinux.org/mail/listinfo/plug