Is there an easy way to restrict ftp access?
For example, how could I restrict a user’s access to their home direct?
I believe you can disallow all ftp access for a user by listing that
user in the file “/etc/ftppusers”.
ms…
Mark Rajpal <mrajpal@viewtrak.com> wrote:
Is there an easy way to restrict ftp access?
For example, how could I restrict a user’s access to their home direct?
http://www.qnx.com/developers/docs/momentics621_docs/neutrino/utilities/f/ftpchroot.html
Frank Liu <fliu@usdjmp1.eng.vodafone-us.com> wrote:
Mark Rajpal <> mrajpal@viewtrak.com> > wrote:
Is there an easy way to restrict ftp access?
For example, how could I restrict a user’s access to their home direct?http://www.qnx.com/developers/docs/momentics621_docs/neutrino/utilities/f/ftpchroot.html
oops, didn’t notice we are in qnx4 group.
not sure if qnx4’s ftpd has built-in chroot support, but I have used
wu-ftpd in the past without a problem.
On 2 Mar 2005 18:21:17 GMT, Frank Liu <fliu@usdjmp1.eng.vodafone-us.com>
wrote:
not sure if qnx4’s ftpd has built-in chroot support
/usr/ucb/ftpd v5.6 has no chroot capability.
Tony.
Create the following directory structure:
/home/username/home/username
In the /etc/passwd file change the ‘x’ to an ‘*’. (second column)
Now the when the user logs in they will start at
‘/home/username/home/username’ and be restricted to the /home/username/home.
To the user it will appear as /home/username
Regards,
Joe
“Mark Rajpal” <mrajpal@viewtrak.com> wrote in message
news:d02c91$scn$1@inn.qnx.com…
Is there an easy way to restrict ftp access?
For example, how could I restrict a user’s access to their home direct?
On Thu, 3 Mar 2005 09:05:37 -0500, Joe Mammone <hw@qnx.com> wrote:
Create the following directory structure:
/home/username/home/username
In the /etc/passwd file change the ‘x’ to an ‘*’. (second column)
Wow!
Where did you find this setting?
Tony.
(PS I’ve disabled any FTP access but getting more info about it is very
interesting)
I had vague memories of how to setup the home directory, I asked around here
and updating the /etc/passwd file came up.
I tried it out on a QNX4 box and it all worked out nicely.
Regards,
Joe
“Tony” <mts.spb.suxx@mail.ru> wrote in message
news:opsm2p5xcyo93ri4@mobile…
On Thu, 3 Mar 2005 09:05:37 -0500, Joe Mammone <> hw@qnx.com> > wrote:
Create the following directory structure:
/home/username/home/username
In the /etc/passwd file change the ‘x’ to an ‘*’. (second column)
Wow!
Where did you find this setting?Tony.
(PS I’ve disabled any FTP access but getting more info about it is very
interesting)
On Thu, 3 Mar 2005 17:35:34 -0500, Joe Mammone <hw@qnx.com> wrote:
I had vague memories of how to setup the home directory, I asked around
here and updating the /etc/passwd file came up.
I think this should be documented.
Please re-post this in the “UnDocumented QNX4: usefull features.” down in
this news group. That topic is (I hope) watched by Steve Reid.
Tony.
Tony <mts.spb.suxx@mail.ru> wrote:
On Thu, 3 Mar 2005 17:35:34 -0500, Joe Mammone <> hw@qnx.com> > wrote:
I had vague memories of how to setup the home directory, I asked around
here and updating the /etc/passwd file came up.
I think this should be documented.
Please re-post this in the “UnDocumented QNX4: usefull features.” down in
this news group. That topic is (I hope) watched by Steve Reid.
No need to repost – I’ve seen it here.
Steve Reid stever@qnx.com
TechPubs (Technical Publications)
QNX Software Systems
On 4 Mar 2005 13:48:34 GMT, Steve Reid <stever@sreid.ott.qnx.com> wrote:
No need to repost – I’ve seen it here.
Good!
But having the post there as well a sort of guarantees that the valuable
information might be found by others too.
Tony.
Hi All,
Could someone please give a little fuller explanation of this?
I tried creating the “double” home directory thingie and putting an ‘*’
in the passwd file for a user account on one of our test systems. And
then telnet’ed in as that user. I did not end up in the second level
directory, but I did find myself in a somewhat restricted environment.
I was unable to execute any command that started with a ‘/’ in the path.
The PATH env var was set to “/bin:/usr/bin” BTW. In fact I could
seemingly only execute shell commands, because there were no
executables accessable. So, I created a /home//home/bin
directory (as root form another window/sh access point) and copied ‘ls’
into the users local bin dir. Executing “alias ls=./home/bin/ls”, I
experienced some interesting results…
“ls /” Did indeed list the /home/ directory, as if it were
the root dir.
“ls …” Listed the /home directory.
“ls …/…” Listed the root directory.
FYI… On all our systems /home is prefixed as /home=/u/home, incase that
might have something to do with it.
Am I missing something here? Or is this just a half baked solution? …
No offense intended
TIA
-Rob
Joe Mammone wrote:
I had vague memories of how to setup the home directory, I asked around here
and updating the /etc/passwd file came up.
I tried it out on a QNX4 box and it all worked out nicely.Regards,
Joe
“Tony” <> mts.spb.suxx@mail.ru> > wrote in message
news:opsm2p5xcyo93ri4@mobile…On Thu, 3 Mar 2005 09:05:37 -0500, Joe Mammone <> hw@qnx.com> > wrote:
Create the following directory structure:
/home/username/home/username
In the /etc/passwd file change the ‘x’ to an ‘*’. (second column)Wow!
Where did you find this setting?Tony.
(PS I’ve disabled any FTP access but getting more info about it is very
interesting)
On Fri, 04 Mar 2005 09:38:18 -0600, Rob Hem <rob@spamyourself.com> wrote:
“ls /” Did indeed list the /home/ directory, as if it were
the root dir.
“ls …” Listed the /home directory.
“ls …/…” Listed the root directory.
Could you cd there?
I’ve found that properly chrooting a user is nearly impossible in QNX4…
Tony.
In a word, yes.
But, things turn rather weird, if I try to get back home. Here may be
a clue as to why. After login…
$ pwd
//12/u/home/user
$ cd
$ pwd
/home/user
At which point I can’t do anything, but shell commands/builtins. It’s
like I’m in nowhere land. Perhaps the /home=/u/home prefix is causing
this strangeness?
-Rob
Tony wrote:
On Fri, 04 Mar 2005 09:38:18 -0600, Rob Hem <> rob@spamyourself.com> > wrote:
“ls /” Did indeed list the /home/ directory, as if it were
the root dir.
“ls …” Listed the /home directory.
“ls …/…” Listed the root directory.Could you cd there?
I’ve found that properly chrooting a user is nearly impossible in QNX4…
Tony.