I have been running WUFTPD V2.4 for some time now with no problems.
However, recently I have had a need to use the Group Controls to allow a
set of users to ftp into a seperate directory outside of the anonymous
FTP root directory.
Following the instructions, I have entered in the appropriate information
in the /etc/group and /etc/passwd files. In the documentation, it is
explained that the entry for the /etc/passwd file should look like
guest1:LKJFsdfjASKJa:202:21:Guest FTP User:/users/guests/./guest1:/bin/false
The login directory field is supposed to be two pathnames, seperated by
"/./". The first pathname is the directory the guest user will be
chroot()ed to, and the second is the pathname (relative to the chroot()ed
directory) of the guest user's login directory.
Both directories do exist on my system. However, when I log in to FTP
from another system, I get the following messages back from the WUFTPD
Server:
230-No directory! Logging in with home=/
230 User guest1 logged in.
Remote system type is UNIX.
Using binary mode to transfer files.
I tried removing the first part of the login field and this worked, sort
of. I do get logged into the right directory outside the anonymous FTP
root directory, but there is a real security problem with this. When I
was logged in, I was able to do a "cd /" and list the files in my systems
root directory. Yikes!!!
I am running V3.2b of OSF/1 with V2.4 of WUFTPD.
I would appreciate any suggestions anyone has.
Thanks,
Neil :-)
\\\//
(o o)
------------------ooO-(_)-Ooo-----------------------------------------
Neil Movold Phone : +1 809 296-1800
Special Operations Consultant Fax : +1 809 295-7269
( i.e. the guy who has to
make it all work :-) )
Internet (Bermuda) Limited E-mail : nmovold_at_ibl.bm
P.O. Box HM2445
Hamilton, Bermuda
HM JX
Received on Wed Jul 12 1995 - 15:29:25 NZST