Koozali.org: home of the SME Server

Don't disclose user names to ftp browsers?

dmajwool
« on: March 01, 2005, 02:00:52 PM »
In SME 6.x, how can I prevent an ftp user from seeing a list of other users' names?
Currently, ftp://username@hostname.com displays a link up to a higher directory where a list of all users' names is displayed.

Thanks,  David

Buddha_Joe

« Reply #1 on: March 01, 2005, 07:01:48 PM »
If you set the ibay in question to use a password and then log on to it via ftp using the ibay name as the username and the password you defined.

There may be another way but that is the only one that I know of at the moment.

dmajwool
« Reply #2 on: March 01, 2005, 11:19:10 PM »
Thanks for the thought, Joe,

Your method would require setting up an ibay for each username.  I was really hoping to use the existing user home folders as the ftp areas for each user.

If I did what you suggest and told the user to login as ftp://domain.com/ibay, the user could still type ftp://user@domain.com and expose the user structure.

I'm hoping there is some mechanism to make the folders not publicly browsable.

Any further thoughts?  Can I change the folders' permissions manually?

smeghead
« Reply #3 on: March 02, 2005, 02:33:14 AM »
search for:

dungog chroot

HTH

dmajwool
« Reply #4 on: March 02, 2005, 12:10:43 PM »
Thanks smeghead, chroot is exactly the thing.

I've installed version 0.1-3 on SME6.5 RC1 and it seems to be working OK.

David