I am trying to protect against the guests seeing, or navigating to directories other than their home directories. I wuod have liked them to be able to follow symbolic links under their home directories. However, vsftpd does not follow symlinks if I chroot them, using the chroot_list_enable, so that they see their home directories as '/'. This seems to mess up the symlinks since these are relative to the root directory. Using bind in fstab works very well, but it feels like abusing fstab. The thing is I would like them to be able to see navigate to certain directories, and not be able to go up the tree. i.e. I am just looking for an easier way to give access to only certain folders using ftp. If I could create virtual users then I would, but I can't do this either. On Mon, 2003-09-08 at 10:01, John Haxby wrote: > Maynard Kuona wrote: > > >I am trying to set up ftp accounts on my machines, and have to resort to > >using bind in fstab to enable users to have access to folders after > >chroot'ing them to their home directories. Is there any other way, > >because I think I am abusing fstab here, and the method doesn't scale > >too well as I see it. > > > >Is there any way of making vsftpd follow symlinks, much like apache > >would do. > > > > > Symbolic links do work, but they're relative to the root directory -- > and that's changed. > > What are you trying to protect against? If a user has access to the > machine when they log in, the a chrooted ftp environment doesn't add any > protection. If the users don't have log in access, then just set up > multiple ftp guest accounts. I've done this with wu-ftpd a lot, but I > believe that the "passwd_chroot_enable" option in vsftpd.conf provides > the same functionality. > > jch > -- Shrike-list mailing list Shrike-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/shrike-list
