restrict ftp access

Is there an easy way to restrict ftp access?
For example, how could I restrict a user’s access to their home direct?

I believe you can disallow all ftp access for a user by listing that
user in the file “/etc/ftppusers”.
ms…

Mark Rajpal <mrajpal@viewtrak.com> wrote:

Is there an easy way to restrict ftp access?
For example, how could I restrict a user’s access to their home direct?

http://www.qnx.com/developers/docs/momentics621_docs/neutrino/utilities/f/ftpchroot.html

Frank Liu <fliu@usdjmp1.eng.vodafone-us.com> wrote:

Mark Rajpal <> mrajpal@viewtrak.com> > wrote:
Is there an easy way to restrict ftp access?
For example, how could I restrict a user’s access to their home direct?

http://www.qnx.com/developers/docs/momentics621_docs/neutrino/utilities/f/ftpchroot.html

oops, didn’t notice we are in qnx4 group.
not sure if qnx4’s ftpd has built-in chroot support, but I have used
wu-ftpd in the past without a problem.

On 2 Mar 2005 18:21:17 GMT, Frank Liu <fliu@usdjmp1.eng.vodafone-us.com>
wrote:

not sure if qnx4’s ftpd has built-in chroot support
/usr/ucb/ftpd v5.6 has no chroot capability.

Tony.

Create the following directory structure:

/home/username/home/username

In the /etc/passwd file change the ‘x’ to an ‘*’. (second column)

Now the when the user logs in they will start at
‘/home/username/home/username’ and be restricted to the /home/username/home.
To the user it will appear as /home/username

Regards,

Joe

“Mark Rajpal” <mrajpal@viewtrak.com> wrote in message
news:d02c91$scn$1@inn.qnx.com

Is there an easy way to restrict ftp access?
For example, how could I restrict a user’s access to their home direct?

On Thu, 3 Mar 2005 09:05:37 -0500, Joe Mammone <hw@qnx.com> wrote:

Create the following directory structure:
/home/username/home/username
In the /etc/passwd file change the ‘x’ to an ‘*’. (second column)
Wow!

Where did you find this setting?

Tony.

(PS I’ve disabled any FTP access but getting more info about it is very
interesting)

I had vague memories of how to setup the home directory, I asked around here
and updating the /etc/passwd file came up.
I tried it out on a QNX4 box and it all worked out nicely.

Regards,

Joe

“Tony” <mts.spb.suxx@mail.ru> wrote in message
news:opsm2p5xcyo93ri4@mobile…

On Thu, 3 Mar 2005 09:05:37 -0500, Joe Mammone <> hw@qnx.com> > wrote:

Create the following directory structure:
/home/username/home/username
In the /etc/passwd file change the ‘x’ to an ‘*’. (second column)
Wow!
Where did you find this setting?

Tony.

(PS I’ve disabled any FTP access but getting more info about it is very
interesting)

On Thu, 3 Mar 2005 17:35:34 -0500, Joe Mammone <hw@qnx.com> wrote:

I had vague memories of how to setup the home directory, I asked around
here and updating the /etc/passwd file came up.
I think this should be documented.

Please re-post this in the “UnDocumented QNX4: usefull features.” down in
this news group. That topic is (I hope) watched by Steve Reid.

Tony.

Tony <mts.spb.suxx@mail.ru> wrote:

On Thu, 3 Mar 2005 17:35:34 -0500, Joe Mammone <> hw@qnx.com> > wrote:

I had vague memories of how to setup the home directory, I asked around
here and updating the /etc/passwd file came up.
I think this should be documented.
Please re-post this in the “UnDocumented QNX4: usefull features.” down in
this news group. That topic is (I hope) watched by Steve Reid.

No need to repost – I’ve seen it here.


Steve Reid stever@qnx.com
TechPubs (Technical Publications)
QNX Software Systems

On 4 Mar 2005 13:48:34 GMT, Steve Reid <stever@sreid.ott.qnx.com> wrote:

No need to repost – I’ve seen it here.
Good!

But having the post there as well a sort of guarantees that the valuable
information might be found by others too.

Tony.

Hi All,

Could someone please give a little fuller explanation of this?

I tried creating the “double” home directory thingie and putting an ‘*’
in the passwd file for a user account on one of our test systems. And
then telnet’ed in as that user. I did not end up in the second level
directory, but I did find myself in a somewhat restricted environment.
I was unable to execute any command that started with a ‘/’ in the path.
The PATH env var was set to “/bin:/usr/bin” BTW. In fact I could
seemingly only execute shell commands, because there were no
executables accessable. So, I created a /home//home/bin
directory (as root form another window/sh access point) and copied ‘ls’
into the users local bin dir. Executing “alias ls=./home/bin/ls”, I
experienced some interesting results…

“ls /” Did indeed list the /home/ directory, as if it were
the root dir.
“ls …” Listed the /home directory.
“ls …/…” Listed the root directory.

FYI… On all our systems /home is prefixed as /home=/u/home, incase that
might have something to do with it.

Am I missing something here? Or is this just a half baked solution? …
No offense intended :wink:

TIA

-Rob

Joe Mammone wrote:

I had vague memories of how to setup the home directory, I asked around here
and updating the /etc/passwd file came up.
I tried it out on a QNX4 box and it all worked out nicely.

Regards,

Joe

“Tony” <> mts.spb.suxx@mail.ru> > wrote in message
news:opsm2p5xcyo93ri4@mobile…

On Thu, 3 Mar 2005 09:05:37 -0500, Joe Mammone <> hw@qnx.com> > wrote:


Create the following directory structure:
/home/username/home/username
In the /etc/passwd file change the ‘x’ to an ‘*’. (second column)

Wow!
Where did you find this setting?

Tony.

(PS I’ve disabled any FTP access but getting more info about it is very
interesting)

On Fri, 04 Mar 2005 09:38:18 -0600, Rob Hem <rob@spamyourself.com> wrote:

“ls /” Did indeed list the /home/ directory, as if it were
the root dir.
“ls …” Listed the /home directory.
“ls …/…” Listed the root directory.
Could you cd there?

I’ve found that properly chrooting a user is nearly impossible in QNX4…

Tony.

In a word, yes.

But, things turn rather weird, if I try to get back home. Here may be
a clue as to why. After login…
$ pwd
//12/u/home/user
$ cd
$ pwd
/home/user

At which point I can’t do anything, but shell commands/builtins. It’s
like I’m in nowhere land. Perhaps the /home=/u/home prefix is causing
this strangeness?

-Rob

Tony wrote:

On Fri, 04 Mar 2005 09:38:18 -0600, Rob Hem <> rob@spamyourself.com> > wrote:

“ls /” Did indeed list the /home/ directory, as if it were
the root dir.
“ls …” Listed the /home directory.
“ls …/…” Listed the root directory.

Could you cd there?

I’ve found that properly chrooting a user is nearly impossible in QNX4…

Tony.