On Tue, 17 Jul 2001, Jay Kline wrote: > Aside from the insecurities inherited in the FTP protocol, I would like to > set up a secure FTP server in the styling of an ISP. That is to say, when > someone ftp's to the server, all they have access to is their home directory. > I dont even want them to be able to browse the filesystem. (consider it like > several anonymous ftp users) > > I have a few thoughts, but would like a bit more enlightenment on this issue. > > First, is it possible to do some sort of chroot'd environment for individual > users? I know wu-ftp dosnt exactly support this, but I have heard too many > stories about wu being insecure. Does proFTPd support this? Yes. DefaultRoot ~ (or something along those lines) works beautifully. > Second, what is the bare minimum commands needed for FTP? And by this I mean > what goes into the ftp structure. When I FTP to some anonymous servers, > there are these directories: > bin/ > etc/ > lib/ > pub/ > > and they are all empty execpt lib, which contains things like ld, libc, > libnsl, libnss_files, and libtermcap > > I thought you had to have things like ls and cd in bin for it to work.. > could I get away without having these libraries also? ProFTPd does not require any of that. Make your directory structure however you want. :) > My last question is about virtual users. I would like the ability to have > users log into the FTP service, but not be in the system user base. I know > some servers support this, but I dont know which ones, and I want to know how > the permissions work for this. Can a virtual user be the owner of something? Haven't messed it. > Thats all for now, I am sure I will think of more questions later -- Nate Carlson <natecars at real-time.com> | Phone : (952)943-8700 http://www.real-time.com | Fax : (952)943-8500