I posted the following query prompted by the post from ALF and received the
following responses. Thought you might be interested to know of scenarios
where restricted ftp might be necessary.
The discussion revolves around what restricted ftp means. Most of the
responses indicate that restricted ftp *IS* anonymous ftp, or at least what I
understand anonymous ftp to be. From ALF's posting, I did not make this
connection since he explicitly says "Anon ftp won't work...".
My understanding of anonymous ftp is that you restrict the remote ftp user
(unathorized) to a given directory tree via chroot(). Whether the account
is called ftp is purely a name issue. Jon Mitchiner and Ray Bellis both use
wuftpd's guest accounts. While I've never looked in detail at wuftpd, I
presume the guest account is nothing more than anonymous ftp with another
name.
Thanks for taking the time to respond. Here's my posting together with
ALF's post, followed by the responses.
Ken
--------------------------------------------------------------------------
--- query ----------------------------------------------------------------
--------------------------------------------------------------------------
>
>Hi, is there anyone out there who knows a way to restrict cd in ftp?
>I'm basically trying to prevent users from ftping in and cd out of
>their HOME directories.
> I've tried a few things like giving them Rsh but it won't let them
>ftp. Anon ftp won't work either as seperate HOME directories are
>required. I've even tried to chmod various directories but the 'x'
>permission is required to "go down the tree" let alone go back.
>
>Oh yeah, I'm running DU3.2d (No C2 security).
>
> ||
>Have a nice day { } (I've got that Muarora suntan)
> ||
>ALF ||
>
This is the second time I've seen this request and I don't remember seeing
the response summary to the previous posting.
I don't quite understand the rationale behind this and would appreciate if
someone could explain this to me. Seems to me if a user is authorized on a
machine, he/she should be able to roam about the machine's unprotected
filesystems just as he/she would be able to do when logging in
interactively. Anonymous ftp is another matter since the remote user is NOT
authorized on the machine.
The concept of restricted ftp access for an authorized user runs counter to
the concept of an authorized user. If there are filesystems that should not
be accessible, then they can be protected via the normal file access
mechanism and that would apply even during interactive logged-in sessions.
What sort of scenario would warrant this type of restriction? If I were an
authorized user and had such restrictions placed on me, then I would simply
telnet to the machine and ftp out.
Look forward to hearing some responses to this myself. Thanks!
--------------------------------------------------------------------------
--- Responses ------------------------------------------------------------
--------------------------------------------------------------------------
From: Ray Bellis <Ray.Bellis_at_community.co.uk>
There's authorised users, and then there's authorised users...
I'm the techinical manager at an ISP, and we allow dial up customers
to have web pages but we do *not* allow them to have shell access to
the system. I use wuftpd's `guest' user access to make sure that
customers can't access system files like the NIS password database.
Ray.
--------------------------------------------------------------------------
From: Alan Cox <coxa_at_cableol.net>
> The concept of restricted ftp access for an authorized user runs counter to
> the concept of an authorized user. If there are filesystems that should not
No. The author is only authorized to see bits of the system. It's more
secure.
> What sort of scenario would warrant this type of restriction? If I were an
> authorized user and had such restrictions placed on me, then I would simply
> telnet to the machine and ftp out.
Things like commercial web servers, where you also don't get a login account
--------------------------------------------------------------------------
From: Darryl Cook <pgmr_at_ppalf.appstate.edu>
Actually I think I can help with this one as well. I also have the same
problem as mentioned above. I have a user who isnt part of our department
but rather someone that provides us with information via ftp'ing to our
site certain data files each night through a scripted program. I have to
give them a login id and a password which is placed in a script and this
script automatically ftp's certain files to us. The concern I have is
that someone (a programmer, a data entry clerk or whoever) gets hold of
this password and ftp's to our machine and gains access to areas that I
dont want them in. I too tried using a restricted shell but it wont allow
them to ftp to us then. I realize that normal file permissions should
keep them out of areas but.....you never know.
--------------------------------------------------------------------------
From: "Jon Mitchiner" <mitchinj_at_vrinet.com>
Message-Id: <9608268437.AA843773455_at_PO2.VRINET.COM>
To: Ken Teh <teh_at_sun0.phy.anl.gov>
Subject: Re: restricted ftp
Status: RO
If you want restricted ftp, look into implementing wu-ftp and taking
advantage of the chroot feature which is implementable in the
configuration file.
Jon
--------------------------------------------------------------------------
From: Gyula Szokoly <szgyula_at_skysrv.Pha.Jhu.EDU>
> I don't quite understand the rationale behind this and would appreciate if
> someone could explain this to me. Seems to me if a user is authorized on a
> machine, he/she should be able to roam about the machine's unprotected
Who said the user *is* authorized on the machine? What about ftp only
accounts?
Gyula
--------------------------------------------------------------------------
From: Richard Tame <Richard.Tame_at_asx.com.au>
Ken,
I have the same requirement as Alf. The reasoning for me is my authorized
FTP clients are external (coming in over ISDN) and are accessing files in
their own directories that they have 'purchased' from us. Authorized is not
quite as cut and dry as you see it. Internal authorized clients are seen
as an acceptable risk, most companies see external clients as unacceptable.
We have configed the routers on this network so the users cannot telnet in.
--------------------------------------------------------------------------
From: Kimble Britten Webb <kimble_at_maths.unsw.EDU.AU>
one usage that i have seen is where the server is a closed server & the
need is for the users to put their web pages up. - not quite the same but
8*)
hacked ftp, pop mail & hacked web server for ~
enjoy kimble.
Received on Fri Sep 27 1996 - 23:47:58 NZST