|
Home > Archive > Unix administration > March 2005 > How to restrict web user from tranversing to different directories in Solaris 2.8 FTP
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
How to restrict web user from tranversing to different directories in Solaris 2.8 FTP
|
|
| Humphrey Channey 2005-03-14, 8:47 pm |
| Hello,
Our Sun Enterprise server runs Solaris 2.8 and Oracle Portal. Our
user picks up the output dat file from our
ftp server via URL on browser, e.g., ftp://xxx.yyy.zzz/file.dat We are
using generic default ftp on our server. We want to find
ways to restrict ftp web users from traversing to other directories to
see files in our systems by clicking on ".." or "."
Basically, we do not want them to see any other files/directories
except the one that appear in the URL.
Looking forward to your help.
Thanks,
Humphrey
| |
| Michael Vilain 2005-03-14, 8:47 pm |
| In article <1110847980.458190.34720@g14g2000cwa.googlegroups.com>,
"Humphrey Channey" <humphrey.c.chan@gmail.com> wrote:
> Hello,
>
> Our Sun Enterprise server runs Solaris 2.8 and Oracle Portal. Our
> user picks up the output dat file from our
> ftp server via URL on browser, e.g., ftp://xxx.yyy.zzz/file.dat We are
> using generic default ftp on our server. We want to find
> ways to restrict ftp web users from traversing to other directories to
> see files in our systems by clicking on ".." or "."
> Basically, we do not want them to see any other files/directories
> except the one that appear in the URL.
>
> Looking forward to your help.
>
> Thanks,
>
> Humphrey
You can't restrict "real" users (users who have an account on the
system) from logging into SUN's ftp server. You can only do this with
the anonymous user. If you've setup that account per the man page
instructions, that should limit a client from looking around beyond the
"chroot"-ed directory tree of the anonymous ftp account.
If you want to implement this for "guest" users (another class of user
that SUN's in.ftpd doesn't support), you'll have to install one of the
3rd party ftp servers and configure it accordingly.
--
DeeDee, don't press that button! DeeDee! NO! Dee...
|
|
|
|
|