On Tue, Aug 31, 2004 at 06:03:02PM +0200, lycanthrope wrote:

> I'm trying to set up FTP server. I enable the line in inetd, created a user ftp in 
> group ftp. now, the ftp user and anonymous can log into FTP, and download. BUT, 
> anonymous user can ALSO UPLOAD. how to restrict anonymous account to downloading 
> only?

The simplest thing to do is to make the anonymous FTP area readable by
the ftp UID, but not writable.  Assuming your ftp user also has ftp as
it's primary group:

    # chown -R root:ftp ~ftp/pub
    # chmod -R o+rwX,g-w+rX,o-rwx ~ftp/pub

should do the trick, assuming you're going by the comments towards the
end of ftpd(8) man page on how to lay out the anonymous FTP area.

If you need to create a group 'ftp' use:

    # pw group add -n ftp -g 21 -M root

and to make that the primary group of the ftp user:

    # pw user mod -n ftp -g ftp



Dr Matthew J Seaman MA, D.Phil.                       26 The Paddocks
                                                      Savill Way
PGP: http://www.infracaninophile.co.uk/pgpkey         Marlow
Tel: +44 1628 476614                                  Bucks., SL7 1TH UK

Attachment: pgpK5E7IR888z.pgp
Description: PGP signature

Reply via email to