FTP security 1

[4star]

We have users who use WS_FTP95 or Toad to ftp files from local PC to a specific directory on the server. Permissions have been assigned on AIX and it works fine when user logs on AIX.However, the problem is they can cd to any other directory on the server from their local PC with a standard FTP client.We have multiple users each having their own logins.

 

[khalidaaa]

oh yeah, the old security cd user restriction problem

You can either remove the 'x' from the user's home directory which in this case will prevent users from using cd behind their home directory!

or you can assign Rsh shell for the users and tune it for their usage

or one more trick is to write a script called cd which prevent the user from using cd (to the extent you like) and put that script in the user's path in the profile! but ofcourse they can always run it if they use the full path for the cd!

Regards,
Khalid

 

[4star]

Thanks Khalidaa,
The x you are refering,is it the permission on folder.

Regards
Kamlesh

 

[needcoffee]

You could also replace the standard ftp daemon with ProFTPD. This daemon allows you more control over ftp access on the server including the ability to limit directory access by user or group.

Here's the project page ProFTPD. Current release is 1.3.1rc1

You can find the binary from the IBM AIX at release level 1.2.8 here IBM AIX Toolbox Download Page
or
from UCLA at release 1.3.0rc5 Public Domain Software Library for AIX

needcoffee