Loading ...
Sorry, an error occurred while loading the content.

Re: vsftpd restrict user access

Expand Messages
  • maverik044
    Only problem I could see here is that it appears that access control is done by Samba, see /etc/samba/smb.conf. At the Linux level anyone pretty can read and
    Message 1 of 10 , Dec 30, 2004
    • 0 Attachment
      Only problem I could see here is that it appears that access control
      is done by Samba, see /etc/samba/smb.conf. At the Linux level
      anyone pretty can read and write anyone elses files, unless you
      chmod/chown through telnet. This could be a problem if samba or ftp
      as the case may be are compromised.

      --- In nslu2-linux@yahoogroups.com, "slayerlover2004" <mgoebel@g...>
      wrote:
      >
      > Here are some additional steps I'm going to take with my setup. I'd
      > love some input, and if anyone thinks it's useful I'll put it on
      the
      > wiki. Hopefully it makes sense.
      >
      > 1 - create groups "local" and "remote".
      >
      > 2 - create share "remote"
      >
      > 3 - change "Disk 1" access rights. give "everyone" no
      access, "local"
      > RW access, and "remote" R access.
      >
      > 4 - change "remote" access rights. give "everyone" no
      access, "local"
      > RW access, and "remote" RW access.
      >
      > 5 - add only local (lan side) users to "local" group. create a
      > separate remote user that is added to the remote group.
      >
      > This way, when accessing your data from a remote location, you can
      > still download from anywhere on your main share, and upload to a
      > specific location. If your username/password are compromised,
      nothing
      > too malicious can happen too easily, as the remote user only has RW
      > access to the "remote" share. You can change things between the
      > "remote" and "disk 1" shares as your local user when you get home.
    Your message has been successfully submitted and would be delivered to recipients shortly.