Hi all,
Thanks for the suggestions. I've just finished installing vsftp and so
far it's working like a charm.
I did think the behaviour of proftpd was a bit fishy. I had only played
with it briefly in my previous incarnation as a sys admin but I must say
vsftp is much quicker and the users are chrooted.
Now to play a bit with the other options.
Oh how I missed linux. :-)
Collin
Bill Strosberg wrote:
Pedro I. Sanchez wrote:
Collin McCrank wrote:
Hello all,
I've been out of the linux loop for a couple of years now and am once
again in a sys admin position. Something strange has come up and I was
wondering if I have your imput/suggestions on it.
There is a server in the office running Mandrake 10.2 and ProFTPD
1.2.10-9. (I didn't set these up, they are legacy from my successor)
Everything about it is fine except for one issue. When someone uses
IE7
to browse the ftp site they aren't chroot-ed like they are in IE6 and
Mozilla or any other ftp program. What happens is they log on with a
user/pass and should be taken to /home/some_user (there is no anon on
this ftp), and unable to move up a directory.
What is happening in IE7 is a user logs on with his/her credentials and
it drops them right to /home and they then have access to all the other
users folders instead of being trapped in their own home folder.
I've tried searching on Google but with no luck.
Thanks
Collin
p.s. Other than ProFTPD do you suggest any other ftp servers?
I don't know about your problem but I would recommend that you take a
look at vsftpd (http://vsftpd.beasts.org/) which I've been using for
years without any troubles whatsoever. vsftpd powers sites such us
ftp.openbsd.org, ftp.redhat.com, ftp.debian.org, ftp.gnu.org and
ftp.gnome.org. An impressive list I should say.
Second the vote for vsftpd. I've used it for years on every site
where FTP is unavoidable.
Although, I've now got almost everyone switched to SSH/SFTP with only
a couple exceptions.
Your directory access issue seems to be a configuration problem. IE
doesn't have magical abilities to bypass a chrooted environment - I
would expect that it may be ignoring a "suggested" working directory
and defaulting to the user home. Chroot environments do not vary by
client, and software that allowed bypassing a chroot jail just because
the client was different would be incredibly lame. I would take a
hard look at your ftp daemon configuration - and I would bet you are
either not really running in a chroot jail, or the new chroot'ed root
directory is really the user home. Something is very fishy about your
reported behavior.
--
Bill Strosberg
_______________________________________________
Linux mailing list
Linux [ at ] lists [ dot ] oclug [ dot ] on [ dot ] ca
http://www.oclug.on.ca/mailman/listinfo/linux
--
Collin McCrank
Systems Administrator
W. R. Davis Engineering
Phone: (613)748-5500
Fax: (613)748-3972
Email: cmccrank [ at ] davis-eng [ dot ] com