On Tue, Aug 31, 2004 at 06:03:02PM +0200, lycanthrope wrote: > I'm trying to set up FTP server. I enable the line in inetd, created a user ftp in > group ftp. now, the ftp user and anonymous can log into FTP, and download. BUT, > anonymous user can ALSO UPLOAD. how to restrict anonymous account to downloading > only?
The simplest thing to do is to make the anonymous FTP area readable by
the ftp UID, but not writable. Assuming your ftp user also has ftp as
it's primary group:
# chown -R root:ftp ~ftp/pub
# chmod -R o+rwX,g-w+rX,o-rwx ~ftp/pub
should do the trick, assuming you're going by the comments towards the
end of ftpd(8) man page on how to lay out the anonymous FTP area.
If you need to create a group 'ftp' use:
# pw group add -n ftp -g 21 -M root
and to make that the primary group of the ftp user:
# pw user mod -n ftp -g ftp
Cheers,
Matthew
--
Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks
Savill Way
PGP: http://www.infracaninophile.co.uk/pgpkey Marlow
Tel: +44 1628 476614 Bucks., SL7 1TH UK
pgpK5E7IR888z.pgp
Description: PGP signature
