Michael Leone on 6 Aug 2015 12:14:25 -0700

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Setting SFTP restrictions to download only, but only for certain users

On Thu, Aug 6, 2015 at 3:00 PM, Michael Lazin <microlaser@gmail.com> wrote:
> a .ftpaccess like this should work:
> <Limit STOR>
>         Order Allow, Deny
>         Deny All
> </Limit STOR>
> I tested it on debian and it prevents both ftp and scp uploads.

OK ... and that goes where? In each user's home folder? And that works
for sftp, too, not just regular ftp?

I had been thinking something like:

Set their home folders to u+r,g+rwx (i.e., chmod 470), which - I think
- means that anyone in the group I specify for that folder can write
to it, but the actual user who logs in can't. But I haven't had a
chance to test it ...
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug