[lug] ftp-only user ids without sendmail, pop, global read, etc.

Gary Masters gmasters at devcg.denver.co.us
Sat Oct 30 19:58:24 MDT 1999

On Fri, 29 Oct 1999, Neal McBurnett wrote:

> I've heard of one way to set up ftp to restrict access to only
> one directory, but it involves chroot and copies of the ftp
> bin area.  Is there a way without all those silly copies (which
> would then show up on the web....)?

ProFtpd can be configured to prevent users from changing above their
home directories.  And it isn't necessary to provide /bin, /lib, /etc,
etc., in the user directories.

As early as two releases ago, ProFtpd was riddled with security
problems, but the current release [1.2.0pre8] claims to be better. 

All configuration of ProFtpd is done in the file proftpd.conf.  The
syntax is similar to Apache configuration files.

I have had good luck with it, with the exception of frequent updates
to keep ahead of the security flaws.

You can get more information at http://www.proftpd.org.

  Gary Masters
  gmasters at devcg.denver.co.us

More information about the LUG mailing list