On Sunday 04 September 2005 07:26pm, Peter Magnusson wrote: > On Mon, 29 Aug 2005, Lamont R. Peterson wrote: [SNIP] > > Perhaps, I'm just a little bit confused. Are you wanting your FTP server > > to provide access to the entire filesystem space? It seems like that is > > what you are asking for and that is not how FTP works. > > Correct! > My non-anonymous vsftpd server under FC3 works exactly like that. But > selinux in FC4 have problems with that. The polcy is broken. > > > FTP like HTTP serves up files only from a subset of the filesystem space. > > You wouldn't want your web server providing access to the entire > > filesystem, would you? The same is true of FTP. > > > > Please, if I am misunderstanding what you are trying to accomplish here, > > feel free to explain it. > > Yes, you are. Im NOT talking about an anonymous ftp server. I login with my > user and I expect to have the same files available as when I login over > ssh or sits in front of the computer. Daniel has already replied and told you how to make the change you want. I will just say that the setup you describe here is VERY VERY insecure. Remember, FTP is not encrypted, so your username and password are going over the wire in clear text. Also, since the FTP daemon has access to the whole filesystem, anyone can get anything on your box (possibly even write any files they want, though that would depend on more configuration details than what you have told me about). FTP is the wrong tool for this. You should use sftp (from SSH not SSL) or scp. -- Lamont R. Peterson <lamont@xxxxxxxxxxxx> Senior Instructor Guru Labs, L.C. [ http://www.GuruLabs.com/ ]
Attachment:
pgpRPTyxcmD4r.pgp
Description: PGP signature
-- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
