anonymous ftp... ftpaccess, denying mkdir

Thu, 19 Mar 1998 15:00:58 -0500 

Hi all, following the instructions in the ftpaccess man page, I"m trying to
disallow access to the mkdir command to anonymous uploaders. But can't seem
to get it to work.

I do have the ftpaccess file being used as per:
ftp    stream  tcp     nowait  root    /usr/sbin/tcpd  in.ftpd -l -a

in my inted.conf file... and the virutal ftp services have been working fine.

According to the man page, the 'upload' directive in the ftpaccess file is
server wide, not specific to a virtual ftp server. Which is fine.

Here is the top of my current ftpaccess file for reference:

----begin-----


class   all   real,guest,anonymous  *

email root@localhost

loginfails 5

readme  README*    login
readme  README*    cwd=*

message /welcome.msg            login
message .message                cwd=*

compress        yes             all
tar             yes             all
chmod           no              guest,anonymous
delete          no              guest,anonymous
overwrite       no              guest,anonymous
rename          no              guest,anonymous

log transfers anonymous,real inbound,outbound

shutdown /etc/shutmsg

passwd-check rfc822 warn

#here we try and limit what can be done in an anonymous upload directory
upload  /home/ftp/ftp.somewhere.com/vendors/       yes     paul     paul
770     nodirs
upload /vendors       yes     paul     paul     770     nodirs
upload  /home/anon-ftp/ftp.somewhere.com/vendors/       yes     paul
paul     770     nodirs

--- end ----

as you can see, I've tried 3 separate lines for the upload...
the 'real' directory path is
/home/anon-ftp/ftp.somewhere.com/vendors/

/home/ftp/ is a sym link... (for convenience).

and the 'root' to any anonymous ftp user in this case is
/home/anon-ftp/ftp.somewhere.com/

None of the above seem to have any effect... the anonymous user can still
make directories, and I know this is how a lot of Warez traders hack into
servers to use for that... (making directories with spaces and what not).

Anyway.... anyone who can throw me a bone on this.. I would be very grateful.

- Paul

-------------------Kudosnet Communication Services--------------------
[EMAIL PROTECTED]                                    www.kudosnet.com


For value added web hosting and internet commerce sites
http://kudosnet.com/services/

-------------879 View Rd. Qualicum Beach, Canada V9K 1N3--------------



-- 
  PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES!
http://www.redhat.com/RedHat-FAQ /RedHat-Errata /RedHat-Tips /mailing-lists
         To unsubscribe: mail [EMAIL PROTECTED] with 
                       "unsubscribe" as the Subject.

Reply via email to