Deny directory listing on vsftpd anonymous upload

Nikkilä Tommi tommi.nikkila at wmdata.fi
Tue Jul 24 10:36:24 UTC 2007 

You are absolutely right, this works. 

Only the thing is, in this case, the users must be able to see the upload directory when (s)he logs into the server (that is to get a directory listing. Why? Well, let's face it: they are ... users). If I use the dir_list=no option, (s)he can't see the initial directory listing and I get a lot of complaints. 

Only thing I came up with is to chmod the upload directory to deny the read rights. I guess what I'm looking for is a bit out of the scope for vsftpd (or for any ftp daemon).


--
Tommi Nikkilä

-----Original Message-----
From: redhat-list-bounces at redhat.com [mailto:redhat-list-bounces at redhat.com] On Behalf Of Nigel Wade
Sent: 24. heinäkuuta 2007 12:10
To: General Red Hat Linux discussion list
Subject: Re: Deny directory listing on vsftpd anonymous upload

Nikkilä Tommi wrote:
> If you mean the dirlist_enable option that is a definite no-no, since
> it prohibits the directory listing from everybody and I need the
> other users to be able to see the contents of their respective
> directories. Also the deny_file and hide_file options are out unless
> they could somehow be tweaked to rule out [directory]/* and only to
> be effective on the anonymous user. I guess a anon_hide_file option
> would be a needed addition...

You can specify per-user settings with vsftpd. In the config file you 
can define a directory to hold the per-user config files 
(user_config_dir). In that directory you create a file for each user 
who's configuration needs to differ from the default. You only need to 
put the non-default settings in to the file.

Create a file in your user_config_dir called ftp (ftp is the anonymous 
user) with the line:
dirlist_enable=no

That should give a "550 Permission denied" message if the anonymous user 
attempts a directory listing.

-- 
Nigel Wade, System Administrator, Space Plasma Physics Group,
             University of Leicester, Leicester, LE1 7RH, UK
E-mail :    nmw at ion.le.ac.uk
Phone :     +44 (0)116 2523548, Fax : +44 (0)116 2523555

-- 
redhat-list mailing list
unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list

More information about the redhat-list mailing list