On Tue, Aug 31, 2004 at 06:03:02PM +0200, lycanthrope wrote: > I'm trying to set up FTP server. I enable the line in inetd, created a user ftp in > group ftp. now, the ftp user and anonymous can log into FTP, and download. BUT, > anonymous user can ALSO UPLOAD. how to restrict anonymous account to downloading > only?
The simplest thing to do is to make the anonymous FTP area readable by the ftp UID, but not writable. Assuming your ftp user also has ftp as it's primary group: # chown -R root:ftp ~ftp/pub # chmod -R o+rwX,g-w+rX,o-rwx ~ftp/pub should do the trick, assuming you're going by the comments towards the end of ftpd(8) man page on how to lay out the anonymous FTP area. If you need to create a group 'ftp' use: # pw group add -n ftp -g 21 -M root and to make that the primary group of the ftp user: # pw user mod -n ftp -g ftp Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK
Description: PGP signature