Re: vsftpd restrict user access
- Only problem I could see here is that it appears that access control
is done by Samba, see /etc/samba/smb.conf. At the Linux level
anyone pretty can read and write anyone elses files, unless you
chmod/chown through telnet. This could be a problem if samba or ftp
as the case may be are compromised.
--- In firstname.lastname@example.org, "slayerlover2004" <mgoebel@g...>
> Here are some additional steps I'm going to take with my setup. I'd
> love some input, and if anyone thinks it's useful I'll put it on
> wiki. Hopefully it makes sense.access, "local"
> 1 - create groups "local" and "remote".
> 2 - create share "remote"
> 3 - change "Disk 1" access rights. give "everyone" no
> RW access, and "remote" R access.access, "local"
> 4 - change "remote" access rights. give "everyone" no
> RW access, and "remote" RW access.nothing
> 5 - add only local (lan side) users to "local" group. create a
> separate remote user that is added to the remote group.
> This way, when accessing your data from a remote location, you can
> still download from anywhere on your main share, and upload to a
> specific location. If your username/password are compromised,
> too malicious can happen too easily, as the remote user only has RW
> access to the "remote" share. You can change things between the
> "remote" and "disk 1" shares as your local user when you get home.