Hi,
> is it possible via ProFtpd to allow one specific user to write on the server
> but disable the feature for the others ?
yes, you can do it with a mixture of and
DenyAll
directives. The Limit should be re-defined (opened) later to permit specific
actions.
gi
Hi,
> is it possible via ProFtpd to allow one specific user to write on the server
> but disable the feature for the others ?
yes, you can do it with a mixture of and
DenyAll
directives. The Limit should be re-defined (opened) later to permit specific
actions.
g
On Sun, Sep 23, 2001 at 10:47:47AM +0200, Luc MAIGNAN wrote:
Hi,
> is it possible via ProFtpd to allow one specific user to write on the server
> but disable the feature for the others ?
Are you talkin about normal access or anonymous?
When you use "normal" accounts just set up normal rights on
Hi all,
is it possible via ProFtpd to allow one specific user to write on the server
but disable the feature for the others ?
Thanks for your time and your help
On Sun, Sep 23, 2001 at 10:47:47AM +0200, Luc MAIGNAN wrote:
Hi,
> is it possible via ProFtpd to allow one specific user to write on the server
> but disable the feature for the others ?
Are you talkin about normal access or anonymous?
When you use "normal" accounts just set up normal rights o
Hi all,
is it possible via ProFtpd to allow one specific user to write on the server
but disable the feature for the others ?
Thanks for your time and your help
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
At 7:39 PM +0200 6/27/01, Jean-Marc Boursot wrote:
Moreover, I think it's a good idea to disable ftp for people with a
"real" valid shell (ie only include pseudo shells in /etc/shells) as it
isn't a secure protocol.
You should disable shell for any account that can access the machine
via any i
At 7:39 PM +0200 6/27/01, Jean-Marc Boursot wrote:
>Moreover, I think it's a good idea to disable ftp for people with a
>"real" valid shell (ie only include pseudo shells in /etc/shells) as it
>isn't a secure protocol.
You should disable shell for any account that can access the machine
via any
Jau,
OK, I'll see that ftpd but I'm really interested in the proftpd.
I have been told that the proftpd+mysql package adds the user
administration to proftpd. The problem is that I don't use mysql, I
have installed the PostgreSQL database manager ( and I'm very happy with
it ).
Thank you for you
Jau,
OK, I'll see that ftpd but I'm really interested in the proftpd.
I have been told that the proftpd+mysql package adds the user
administration to proftpd. The problem is that I don't use mysql, I
have installed the PostgreSQL database manager ( and I'm very happy with
it ).
Thank you for yo
On Wed, 27 Jun 2001, Jean-Marc Boursot wrote:
> Yep but "false" (or "true") is NOT a shell. So they won't be able to
> execute chsh and change their login shell to a real one.
What about procmail, for example? If it is an mail-only account, it may
have procmail, and if you have procmail, you can
On Jun 27, 2001 13:07 -0400 [EMAIL PROTECTED] wrote to...:
|> You add /bin/ftponly in /etc/shells.
|
|And if I'm not mistaken, if they are somehow now able to execute the
|chsh command, then they have a valid shell account they can log in to. :-(
|
|While they shouldn't be able to run chsh, or
On Wed, 27 Jun 2001, Jean-Marc Boursot wrote:
> Yep but "false" (or "true") is NOT a shell. So they won't be able to
> execute chsh and change their login shell to a real one.
What about procmail, for example? If it is an mail-only account, it may
have procmail, and if you have procmail, you ca
On Jun 27, 2001 13:07 -0400 [EMAIL PROTECTED] wrote to...:
|> You add /bin/ftponly in /etc/shells.
|
|And if I'm not mistaken, if they are somehow now able to execute the
|chsh command, then they have a valid shell account they can log in to. :-(
|
|While they shouldn't be able to run chsh, or
On Wednesday 27 June 2001 19:07, [EMAIL PROTECTED] wrote:
>
> And if I'm not mistaken, if they are somehow now able to execute the
> chsh command, then they have a valid shell account they can log in
> to. :-(
>
> While they shouldn't be able to run chsh, or the equivalent, putting
> their shell in
On Wed, Jun 27, 2001 at 02:49:20AM +0200, Jean-Marc Boursot wrote:
> You create the link ftponly:
> ln -s /bin/ftponly /bin/false
>
> You add /bin/ftponly in /etc/shells.
And if I'm not mistaken, if they are somehow now able to execute the
chsh command, then they have a valid shell account they
Reidar Krogstad <[EMAIL PROTECTED]> writes:
> And why not /bin/true ?
> When I add ftp-only users I set their shell to /bin/true.
> That makes them able to log in with ftp without access to a shell.
[snip]
Personal preference in choosing shells: if they have access to a service on
the box, /bin/t
ux is like wigwam - no windows, no gates, Apache inside!
-Ursprüngliche Nachricht-
Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Gesendet: Mittwoch, 27. Juni 2001 18:46
An: debian-security
Betreff: Re: ProFtpd question
Thanks for all your answers.
With that I suppose that "pro
And why not /bin/true ?
When I add ftp-only users I set their shell to /bin/true.
That makes them able to log in with ftp without access to a shell.
At 20:54 26.06.2001 -0700, Brandon High wrote:
On Wed, Jun 27, 2001 at 03:36:27AM +0200, Jean-Marc Boursot wrote:
>
> > ln -s /bin/ftponly /bin/fal
Thanks for all your answers.
With that I suppose that "proftpd" does not accept users with the
"/bin/false" shell, isn that true ?
Another question related to this one. Are there any configuration file
where we can configure the host access ( wich user is to access to
wich service ) ?
( sor
On Wednesday 27 June 2001 19:07, [EMAIL PROTECTED] wrote:
>
> And if I'm not mistaken, if they are somehow now able to execute the
> chsh command, then they have a valid shell account they can log in
> to. :-(
>
> While they shouldn't be able to run chsh, or the equivalent, putting
> their shell i
On Wed, Jun 27, 2001 at 02:49:20AM +0200, Jean-Marc Boursot wrote:
> You create the link ftponly:
> ln -s /bin/ftponly /bin/false
>
> You add /bin/ftponly in /etc/shells.
And if I'm not mistaken, if they are somehow now able to execute the
chsh command, then they have a valid shell account they
Reidar Krogstad <[EMAIL PROTECTED]> writes:
> And why not /bin/true ?
> When I add ftp-only users I set their shell to /bin/true.
> That makes them able to log in with ftp without access to a shell.
[snip]
Personal preference in choosing shells: if they have access to a service on
the box, /bin/
Linux is like wigwam - no windows, no gates, Apache inside!
-Ursprüngliche Nachricht-
Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Gesendet: Mittwoch, 27. Juni 2001 18:46
An: debian-security
Betreff: Re: ProFtpd question
Thanks for all your answers.
With that I suppose that "pro
And why not /bin/true ?
When I add ftp-only users I set their shell to /bin/true.
That makes them able to log in with ftp without access to a shell.
At 20:54 26.06.2001 -0700, Brandon High wrote:
>On Wed, Jun 27, 2001 at 03:36:27AM +0200, Jean-Marc Boursot wrote:
> >
> > > ln -s /bin/ftponly /bin
Thanks for all your answers.
With that I suppose that "proftpd" does not accept users with the
"/bin/false" shell, isn that true ?
Another question related to this one. Are there any configuration file
where we can configure the host access ( wich user is to access to
wich service ) ?
( so
On Wednesday 27 June 2001 05:54, Brandon High wrote:
>
> Perhaps a silly question, but why not just set the shell to
> /bin/false?
You can. However, with ftponly, you can have 3 user levels:
false -> only mail
ftponly -> mail + FTP
??sh -> mail, FTP and shell
JM
On Wednesday 27 June 2001 05:54, Brandon High wrote:
>
> Perhaps a silly question, but why not just set the shell to
> /bin/false?
You can. However, with ftponly, you can have 3 user levels:
false -> only mail
ftponly -> mail + FTP
??sh -> mail, FTP and shell
JM
--
To UNSUBSCRIBE, email to [EM
On Wed, Jun 27, 2001 at 03:36:27AM +0200, Jean-Marc Boursot wrote:
>
> > ln -s /bin/ftponly /bin/false
>
> Wow, it's quite late in Europe. It's better like that:
> ln -s /bin/false /bin/ftponly
Perhaps a silly question, but why not just set the shell to /bin/false?
-B
--
Brandon High
> ln -s /bin/ftponly /bin/false
Wow, it's quite late in Europe. It's better like that:
ln -s /bin/false /bin/ftponly
JM
On Tuesday 26 June 2001 22:38, [EMAIL PROTECTED] wrote:
> How can I create a ftp-user ?
> I know that the /bin/false shell is for non-shell users but I don't
> know how to create a mail-only or ftp-only users. Do you know how ?
You create the link ftponly:
ln -s /bin/ftponly /bin/false
You add /b
On Wed, Jun 27, 2001 at 03:36:27AM +0200, Jean-Marc Boursot wrote:
>
> > ln -s /bin/ftponly /bin/false
>
> Wow, it's quite late in Europe. It's better like that:
> ln -s /bin/false /bin/ftponly
Perhaps a silly question, but why not just set the shell to /bin/false?
-B
--
Brandon High
> ln -s /bin/ftponly /bin/false
Wow, it's quite late in Europe. It's better like that:
ln -s /bin/false /bin/ftponly
JM
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
On Tuesday 26 June 2001 22:38, [EMAIL PROTECTED] wrote:
> How can I create a ftp-user ?
> I know that the /bin/false shell is for non-shell users but I don't
> know how to create a mail-only or ftp-only users. Do you know how ?
You create the link ftponly:
ln -s /bin/ftponly /bin/false
You add /
How can I create a ftp-user ?
I know that the /bin/false shell is for non-shell users but I don't know how to
create a mail-only or ftp-only users.
Do you know how ?
( sorry for my English )
--
yoros
pgpsjwAWT8gnH.pgp
Description: PGP signature
How can I create a ftp-user ?
I know that the /bin/false shell is for non-shell users but I don't know how to create
a mail-only or ftp-only users.
Do you know how ?
( sorry for my English )
--
yoros
PGP signature
Just add
DefaultRoot "~"
to the proftpd.conf
In this case it does not matter if your
user has a shell or not!
But better create ftp-users with no shell!
Regards,
Martin
On 26-Jun-2001 Luc MAIGNAN wrote:
> Hi,
>
> I use proftpd to allow users to connect to my server via ftp. I've dec
Just add
DefaultRoot "~"
to the proftpd.conf
In this case it does not matter if your
user has a shell or not!
But better create ftp-users with no shell!
Regards,
Martin
On 26-Jun-2001 Luc MAIGNAN wrote:
> Hi,
>
> I use proftpd to allow users to connect to my server via ftp. I've de
Look up the DefaultRoot directive in the proftpd documentation.
-hpknight
On Tue, 26 Jun 2001, Luc MAIGNAN wrote:
> Hi,
>
> I use proftpd to allow users to connect to my server via ftp. I've declared a
> new user on my server, and set its home directory to /home/newuser. But in
> this case, I
Hi,
I use proftpd to allow users to connect to my server via ftp. I've declared a
new user on my server, and set its home directory to /home/newuser. But in
this case, I have a security problem : when connected, the root directory for
ftp is still :/home/newuser; so he can access the tree /home
Look up the DefaultRoot directive in the proftpd documentation.
-hpknight
On Tue, 26 Jun 2001, Luc MAIGNAN wrote:
> Hi,
>
> I use proftpd to allow users to connect to my server via ftp. I've declared a
> new user on my server, and set its home directory to /home/newuser. But in
> this case,
Hi,
I use proftpd to allow users to connect to my server via ftp. I've declared a
new user on my server, and set its home directory to /home/newuser. But in
this case, I have a security problem : when connected, the root directory for
ftp is still :/home/newuser; so he can access the tree /hom
42 matches
Mail list logo
