Topic: Jailing users to ~ with proftpd in eSmith

[Mike Stoddart]

Does anyone know how to configure proftpd in eSmith to jail the user to their
home directories using DefaultRoot? I know to change the file:

/etc/e-smith/templates/etc/proftpd.conf/template-begin

but it already contains a DefaultRoot, so I'm not sure how adding another one would affect the daemon. I know the syntax is:

DefaultRoot ~ users

at least I'm sure that's what is needed.

Also are there any security issues with using this. I know the syntax for DefaultRoot, but I'm not sure exactly where in the proftpd.conf it should be placed.

By default users aren't chained to their home directories, so they can browse up as far as /home/e-smith/files I think. I know this isn't classed as a security risk, but they can browser through other files that they shouldn't see.


Thanks
Mike

[Mike Stoddart]

Well, noone has replied so I'll reply to myself with another question!

The default for DefaultRoot is

DefaultRoot /home/e-smith/files

Will I cause any problems if I replace this with:

DefaultRoot ~

???? Will this affect anything else, or make my server any less secure?

Thanks

[Emory Smith]

Create /etc/e-smith/templates/etc/proftpd.conf/01Global

Edit to contain:

DefaultRoot ~ !root



HTH

[Charlie Brady]

Emory Smith wrote:
>
> Create /etc/e-smith/templates/etc/proftpd.conf/01Global

You mean, of course, /etc/e-smith/templates-custom/etc/proftpd.conf/01Global

Regards

Charlie