User profile for user: Coenraads
Coenraads Author
User level: Level 1
0 points

restrict ftp-user access

Hi there,

I'm in the process of setting up my old mac as an ftp-server.
I got this to work (in the system-prefs, I switched ftp-access on and then created multiple users for all the people that need to acces my server).

But...now al fpt-users have acces to all my folders (system, libary, documents etc). And I want them to only have access to the "users" folder and its contents.

Any ideas on how to do this?

Thanks!
Christiaan

G5, Mac OS X (10.4.7)

Posted on Sep 12, 2006 12:59 AM

Reply
4 replies
User profile for user: biovizier
biovizier
User level: Level 5
7,931 points

Sep 12, 2006 6:18 AM in response to Coenraads

One way might be to set up an '/etc/ftpchroot' file listing the ftp users' names. By default, this restricts access to the users' "home" directories, as described in the hint below. I haven't tested it lately, but there was a time when this feature was broken in OS X, but I think that's been fixed.
http://www.macosxhints.com/article.php?story=20010508211503599

Looking at the ' man' page, I think you can also set up chroot in the '/etc/ftpd.conf' file, but I've never tested that.
Reply
User profile for user: Coenraads
Coenraads Author
User level: Level 1
0 points

Sep 13, 2006 12:28 AM in response to biovizier

Thanks for the reply.

This hint "...makes each listed user's home directory appear as the root of the system via FTP, so there's no way they can move "up" out of their directories"
This is workable for my purpose, so I'll try it.

But what I would rrrrealy like to do is to have the main user folder (so not a specific user folder) appear as the home directory to all users.
Reply
User profile for user: biovizier
biovizier
User level: Level 5
7,931 points

Sep 13, 2006 1:07 PM in response to Coenraads

I rarely use ftp, so I don't really know the ins-and outs, and I think OS X may do things a little differently, with respect to the "Finder". I just tried the ' ftpchroot' method, and found that users were restricted to their "home" in the "Finder", but via the command line, they were restricted to "/Users", so depending on the ftp client, this might actually end up doing what you intended originally.

Next, I tried tweaking things in the ' ftpd.conf' file, and in both "Finder" and the command line, users were restricted to "/Users", except that in maybe one in five tries, the user would be able to successfully ' cd ..' to "/". The inconsistency makes me suspect some sort of glitch if not an outright bug. On the other hand, it could be just my system.

Looking around the web, some other users seem to be complaining about ' chroot' via ' ftpd.conf' not working in Tiger, but since I don't really know what I'm doing, it would probably be best to try reading the ' man' page for ' ftpd.conf' or searching the web and testing for yourself. Otherwise, maybe try asking in the "unix" section of this site...
Reply

This thread has been closed by the system or the community team. You may vote for any posts you find helpful, or search the Community for additional answers.

restrict ftp-user access

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.
Learn more Sign up