SUMMARY: ftpd and chroot questions

From: Derek_Schatz@amat.com
Date: Sun Aug 10 1997 - 02:50:31 CDT


Thanks to those who responded:
Karl Vogel vogelke@c17.wpafb.af.mil
Bob Bridgham robert_bridgham@b-e-s-t.com
Benjamin Cline benji@hnt.com
Robin Landis robin.landis@imail.exim.gov
Ada (Chan?) chan@library.ucsf.edu

********************
Original question:

Hello Sun Gods-

I've checked out the man pages and the archives but couldn't quite
find what I'm looking for. I'm running Solaris 2.5.1 on an SS5.

I'd like to set up an ftp server with only NON-anonymous access for
a single user account, but restrict them to a specific tree like
you would for anonymous users. I do not want to have to use wu-ftpd
for this little project. I used the script in the in.ftpd man page
to set up the tree under /export/home/ftp, and I set the user's acct
for /nosuchshell as their login shell so they can only access the
machine via ftp. What I'm trying to figure out is how to chroot
this ftp user (only) to /export/home/ftp.

I wouldn't think that using "/usr/sbin/chroot /export/home/ftp
/nosuchshell" as the login shell in /etc/passwd would work (or
would it? I haven't tested it).

Any suggestions out there?

Thanks (will summarize),
Derek Schatz
schatz_derek@amat.com

********************
Responses:

Judging from a couple of the responses, I guess I need to restate/
clarify my question. I don't want any anonymous ftp access. I want
just one user account to have ftp access and *not* login access.
When they connect (via ftp), they should be restricted to the ftp
directory tree. Man pages say that such a restriction is created
for *anonymous* ftp'ers; I just want to know how to do it for
specific logins.

The most promising suggestion was to use a restricted shell (rksh)
and set the user account's home directory to /export/home/ftp.
Unfortunately, it didn't work. Although I did need to create
an /etc/shells file containing /bin/rksh for the user to even be
able to log in, there was no restriction on where the user could
cd to.

So it seems that (with the standard ftpd) there's a trade-off:
allow anonymous access restricted to the ftp sub-tree, or allow
only non-anonymous access, but with run of the disk. I think
I'll go with Door #2, and just have to trust 'em (and watch 'em).

Derek Schatz
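As an added example (not part of the original summary), a small POSIX sh audit for the /etc/shells prerequisite the post ran into: stock in.ftpd, like the BSD ftpd it derives from, refuses a login whose shell is not returned by getusershell(), i.e. not listed in /etc/shells. It reads constructed stand-ins for /etc/passwd and /etc/shells and reports, for every account whose home sits under the ftp tree, whether ftpd would accept the login at all. The account names and the /bin/rksh and /nosuchshell paths are assumptions taken from the post; passing the check says nothing about confinement, since stock ftpd chroots only the anonymous account.

```shell
#!/bin/sh
# Added example: audit ftp-only accounts against /etc/shells.

# Constructed sample data standing in for /etc/passwd and /etc/shells.
SAMPLE_PASSWD=$(cat <<'EOF'
root:x:0:1:Super-User:/:/sbin/sh
ftpdrop:x:1001:10:ftp-only account:/export/home/ftp:/nosuchshell
ftprk:x:1002:10:ftp-only rksh account:/export/home/ftp:/bin/rksh
derek:x:1003:10:Derek:/export/home/derek:/bin/ksh
EOF
)
SAMPLE_SHELLS=$(cat <<'EOF'
/bin/sh
/bin/ksh
/bin/rksh
EOF
)

# audit_ftp_accounts PASSWD_TEXT SHELLS_TEXT FTPTREE
# Prints one line per account whose home directory is FTPTREE or lies
# under it:  user shell OK|DENIED(shell-not-in-/etc/shells)
# "DENIED" means in.ftpd would reject the login outright because the
# shell is not in /etc/shells (the rksh symptom described in the post).
audit_ftp_accounts() {
  passwd=$1; shells=$2; tree=$3
  printf '%s\n' "$passwd" | awk -F: -v tree="$tree" -v shells="$shells" '
    BEGIN { n = split(shells, s, "\n"); for (i = 1; i <= n; i++) ok[s[i]] = 1 }
    $6 == tree || index($6, tree "/") == 1 {
      status = ($7 in ok) ? "OK" : "DENIED(shell-not-in-/etc/shells)"
      print $1, $7, status
    }'
}
```

Run against the constructed data, /nosuchshell is reported DENIED and /bin/rksh OK, matching the behaviour described above.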
This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:12:00 CDT