11.5. File Transfer Protocol (FTP)

FTP services run courtesy of the ftpd daemon. It allows the machine's users to remotely access the filesystem, so that they can browse directory listings and transfer files to and from the machine. Normally, it obeys the filesystem permissions just as a login shell does. However, if you would like to restrict FTP users' access to their respective home directories, simply add the users' names, one per line, to a file named ftpchroot and, as root, save it in /etc.

11.5.1. Enabling Anonymous FTP

First, as described in Chapter 10, use NetInfo Manager to create a group named ftp, making sure to give it an unused GID. Next, use NetInfo Manager again to create a nonhuman user also named ftp, under which all anonymous FTP activity will occur. For consistency, use the same number you specified for the ftp group's GID as this new account's UID, again making sure that it's not already being used by another account.

Create a home directory for ftp. (Be sure that ftp's NetInfo directory correctly refers to this directory as its home.) Whether or not an /etc/ftpchroot file exists, the FTP server always forbids an anonymous user from accessing anywhere in the filesystem outside the ftp user's home directory.

You can now populate this directory with whatever you wish to permit anonymous users to browse and download. To make a typical FTP site, add a pub/ folder containing all the downloadables, as well as an introductory blurb in an ftpwelcome file in /etc; upon connection, the FTP server provides the contents of that file to the FTP client to display or record in the session transcript.

For security's sake, consider changing the ownership of all these files and folders to root using the chown command and using chmod to make them read-only for all users. This will prevent anonymous FTP users from uploading (and perhaps overwriting) files as well as keep the directory safe from tampering by local users. (A /pub/incoming directory, writeable by the FTP user, is the typical spot for anonymous file uploads, if you'd like to allow that to a limited degree.)
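The following check is an added example, not from the book: it audits an anonymous FTP tree against the layout just described (everything owned by root and read-only, with pub/incoming as the only exception). The function name, its arguments, and the finding labels are illustrative assumptions.

```shell
#!/bin/sh
# Added example: audit an anonymous FTP tree for the ownership and
# permission layout described above. Names here are illustrative.
#
# audit_ftp_root DIR [OWNER]
#   DIR    the ftp user's home directory (the anonymous FTP root)
#   OWNER  expected owner, name or numeric UID (default: root)
# Prints one line per finding and returns 1 if there are any:
#   not-owner PATH   entry is not owned by OWNER
#   writable PATH    entry has a write bit set for user, group or other
# DIR/pub/incoming is pruned: it is the one place uploads are allowed,
# so it (and whatever was uploaded into it) is expected to be writable.
audit_ftp_root() {
    root=${1:?usage: audit_ftp_root DIR [OWNER]}
    root=${root%/}            # normalise so the prune path matches
    owner=${2:-root}
    incoming="$root/pub/incoming"

    findings=$(
        # Anything outside pub/incoming that the expected owner does not own.
        find "$root" -path "$incoming" -prune -o \
            ! -user "$owner" -print | sed 's/^/not-owner /'
        # Anything outside pub/incoming with a write bit set. Symlinks are
        # skipped because their own mode bits are not meaningful.
        find "$root" -path "$incoming" -prune -o \
            ! -type l \( -perm -200 -o -perm -020 -o -perm -002 \) -print |
            sed 's/^/writable /'
    )

    [ -z "$findings" ] && return 0
    printf '%s\n' "$findings"
    return 1
}

# Typical use, run as root after the chown/chmod step:
#   audit_ftp_root /path/to/ftp-home || echo "FTP tree needs attention"
```

Running it from a periodic job catches later drift, such as a file copied into pub/ with its default writable mode.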

Mac OS X Tiger in a Nutshell: A Desktop Quick Reference (In a Nutshell (OReilly))
ISBN: 0596009437
EAN: 2147483647
Year: 2003
Pages: 130
