
ftp problem

 
Hamdy Al-Sebaey
Regular Advisor

ftp problem

Colleagues,
Would you like to help me to solve this problem? Today a user tried to use ftp to see some files, and I noticed that the user can see everything under /root; moreover, he can read /etc/passwd.
I've two questions.
1- What can I do to let users use ftp, but let them see their own home directory?
2- On one of our DBs there are a lot of PDF files which are used by users, so they use explore to ftp the server, then they can read those PDF files, but here they must type their own passwd.
a- How can I prevent that, I mean typing their own passwd?
b- How can I let them see only those PDF files + their own home directory, although the owner is oracle & the group is DB group?

Thanks a lot for your help.

Thanks for sharing knowledge
8 REPLIES
Hamdy Al-Sebaey
Regular Advisor

Re: ftp problem

Once again: when I saw that the users can see everything on the server, I put all the users in /etc/ftpd/ftpusers to prevent them from using ftp, till I can find a solution for this problem.
Thanks for sharing knowledge
Tom Danzig
Honored Contributor

Re: ftp problem

You should be able to set up a chroot environment for ftp users although I'm not sure of the specifics. Try a "man chroot" and see if that puts you on the right track.

Hope this helps some.
Vikas Khator
Honored Contributor

Re: ftp problem

Hi,

Try setting the shell for the user to a restricted shell. This will prevent users from cd-ing to other directories.

For ftping without providing a password, do a man on netrc. But it has security issues.

Hope this helps.
Keep it simple
Hamdy Al-Sebaey
Regular Advisor

Re: ftp problem

Hi Vikas,
Would you like to tell me how I can restrict the user's shell?

Thanks a lot
Thanks for sharing knowledge
Paula J Frazer-Campbell
Honored Contributor
Vikas Khator
Honored Contributor

Re: ftp problem

Hi,

In the password file, the last column is the shell for the user. Change it from /usr/bin/sh to /usr/bin/rsh.

This would mean that users will have a restricted shell even if they normally log in. In that case you may want to create another account for the user that might have the restricted shell.

e.g. user vikas could have 2 accounts:
vikas
vikasftp

where vikas is the regular account and vikasftp is the one with the restricted shell. Also, you want to make sure vikas is there in the ftpusers file so that they do not ftp using that account.

Hope this helps.
Keep it simple
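The two-account arrangement described in the reply above depends on the regular account actually being listed in the ftpusers deny list. The following POSIX shell audit checks that; it is an added example, not code from the thread, and the function names `ftp_allowed` and `ftp_twin_gaps` and the sample passwd/ftpusers contents are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit FTP access against the ftpusers deny list.
# Function names and sample data are constructed, not from the thread.

# ftp_allowed PASSWD FTPUSERS: print login names NOT denied by FTPUSERS.
ftp_allowed() {
    awk -F: '
        FILENAME == ARGV[1] {            # deny list: one name per line
            sub(/#.*/, ""); gsub(/[ \t]/, "")
            if ($0 != "") deny[$0] = 1
            next
        }
        $1 != "" && !($1 in deny) { print $1 }
    ' "$2" "$1"
}

# ftp_twin_gaps PASSWD FTPUSERS: print each regular account that has a
# "<name>ftp" twin in PASSWD but is itself still allowed to use FTP.
ftp_twin_gaps() {
    for acct in $(ftp_allowed "$1" "$2"); do
        if awk -F: -v twin="${acct}ftp" \
               '$1 == twin { found = 1 } END { exit !found }' "$1"; then
            echo "$acct"
        fi
    done
}

# Constructed sample data (not real accounts).
demo=$(mktemp -d)
cat > "$demo/passwd" <<'EOF'
root:*:0:3::/:/sbin/sh
oracle:*:101:200::/home/oracle:/usr/bin/sh
vikas:*:201:20::/home/vikas:/usr/bin/sh
vikasftp:*:202:20::/home/vikasftp:/usr/bin/rsh
hamdy:*:203:20::/home/hamdy:/usr/bin/sh
hamdyftp:*:204:20::/home/hamdyftp:/usr/bin/rsh
EOF
cat > "$demo/ftpusers" <<'EOF'
# accounts denied FTP access
root
oracle
vikas
EOF

echo "Accounts that can log in over FTP:"
ftp_allowed "$demo/passwd" "$demo/ftpusers"
echo "Regular accounts with an ftp twin but no deny entry:"
ftp_twin_gaps "$demo/passwd" "$demo/ftpusers"
```

On a live system the two arguments would be /etc/passwd and the /etc/ftpd/ftpusers file mentioned earlier in the thread.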
Hamdy Al-Sebaey
Regular Advisor

Re: ftp problem

Hello everybody,
First of all, thanks a lot for your help.
My second question is that:
Up till now you did not mention the second part of my question, which is how I can give them (users) the right to read all PDF files, which are allocated on another LV & which are owned by the Oracle user and group DB?
Once again, thanks a lot & have a happy new year.
Thanks for sharing knowledge
Trevor Dyson
Trusted Contributor

Re: ftp problem

Hi,

I believe you will be able to control access to files and directories using the Washington University version of ftp (wu-ftp). This is provided with HP-UX 11.x.

If you are using HP-UX 10.x then you can obtain wu-ftp from http://hpux.cs.utah.edu/hppd/hpux/Networking/FTP/wu_ftpd-2.6.1/

Once you have this, then check out the ftpaccess man page (use: man ftpaccess).

I've got a little black book with me poems in