[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[ale] FTP Server on Linux
- Subject: [ale] FTP Server on Linux
- From: matthew.brown at cordata.net (Matthew Brown)
- Date: Tue, 26 Jan 1999 13:16:20 -0500
So, now we are back to a more generic, OS-level question...
Are you saying I can restrict a specific user to run a binary only from
I guess you'd do this with the path env variable? Do these variables even
exist when the user comes in via FTP rather than through a shell?
Please forgive the RT*M's here. I am an obvious neophyte to Linux. I have
a start-up web hosting company that runs on NT(web/dB) and Linux(mail). I'd
really like to get off of NT altogether at some point, but this (FTP) is one
of the sticking points with me (along with M$-ASP&FPE). If I can get FTP to
happen, and can get ASP&FPE-like capabilities out of Linux, I'll switch over
for good. I already know it can happen, but can _I_ make it happen
Arguably, I am my own biggest stumbling block here!
----- Original Message -----
From: John M. Mills <jmills at jmills.gtri.gatech.edu>
To: Matthew Brown <matthew.brown at cordata.net>
Cc: <elanda at comstar.net>; <ale at ale.org>
Sent: Tuesday, January 26, 1999 9:58 AM
Subject: Re: [ale] FTP Server on Linux
>On Tue, 26 Jan 1999, Matthew Brown wrote:
>> This still doesn't do it for me. What does ~ftp/bin mean? I'd have
>> this would mean that there is a /bin diretory out there under an ftp
>> directory. Clearly I'm off here.
>You're not off at all. I think this is discussed in docs for the wuftp
>sources, but the recommendation as I understood it was to make a set of
>[relatively] trusted libs and bins in the <whatever>/ftp heirarchy and
>restrict ftp users to that set. The objective was to avoid exploits of
>publically acccessible libs and bins and in fact to limit the operations
>available to an ftp user. You would then keep a close eye on the ftp
>executables and libs to catch changes quickly.
>If I misunderstood this, I would appreciate being set straight.
>Thanks - mills
> John M. Mills, Senior Research Engineer -- john.mills at gtri.gatech.edu
> Georgia Tech Research Institute, Georgia Tech, Atlanta, GA 30332-0834
> Phone contacts: 404.894.0151 (voice), 404.894.6285 (FAX)
> "The cardinal virtues of a programmer are Laziness,
> Impatience, and Hubris." -- attr. Larry Wall