Hallo Ich bin am umstellen von WU.ftp auf ProFTP. Und irgendwie hab ich da noch ein Problem. Ich will und muss Anonymous-Zugang haben. Das kriege ich hin, wobei ich auch da froh um jeden Verbesserungstipp bin. Mein momentanes Hauptproblem liegt darin. Wenn ich mich als Anonmous einlogge und in das Verzeichnis etc wechsle, kann ich dort die beiden Dateien passwd und group lesen und das will ich nicht. Aber ich habe keinen blassen Schimmer, warum das bei mir geht. Zudem würde ich gerne den Anonymous direkt ins pub verfrachten. Habe gleich mal meine schon etwas verbastelte proftpd.conf angehängt.Damits bisschen kürzer wird, habe ich hier einige Kommentare gelöscht. Bin wirklich sehr dankbar, um ein paar Tipps. Gruss Fabian ---schnipp --- schnapp ServerName "ftp.server.com" ServerType standalone ServerAdmin ftpadm@server.com #ServerIdent on "FTP Server ready" DeferWelcome on DefaultServer on # Enable PAM for authentication... # #AuthPAM on #AuthPAMAuthoritative off #AuthPAMConfig proftpd # Port 21 is the standard FTP port. Port 21 #SocketBindTight on # Umask 022 is a good standard umask to prevent new dirs # and files from being group and world writable. Umask 022 # security fix as recommendet by proftpd-development-team DenyFilter \*.*/ # Set the user and group that the server normally runs at. User nobody Group nogroup # Normally, we want files to be overwriteable. AllowOverwrite on # HiddenStor off # #HideNoAccess on </Directory> PathAllowFilter "^[a-zA-Z0-9_.-]+$" #PathAllowFilter "^[a-zA-Z0-9~ \*\/,_.-]+$" PathDenyFilter "(\.ftp)|(\.ht)[a-z]+$" #PathDenyFilter "\.ftp[a-z]+$" # Do not allow to pass printf-Formats (security! see documentation!): #AllowFilter "^[a-zA-Z0-9@~' \*\/,_.-]*$" #DenyFilter "%" MaxInstances 30 # Performance: skip DNS resolution when we process the logs... UseReverseDNS on # Turn off Ident lookups IdentLookups off # Set the maximum number of seconds a data connection is allowed # to "stall" before being aborted. TimeoutStalled 120 # Where do we put the pid files? ScoreboardPath /var/run/proftpd # # Logging options # TransferLog /var/log/xferlog # Some logging formats # LogFormat default "%h %l %u %t \"%r\" %s %b" #LogFormat auth "%v [%P] %h %t \"%r\" %s" #LogFormat write "%h %l %u %t \"%r\" %s %b" # Log file/dir access #ExtendedLog /var/log/proftpd.access_log WRITE,READ write # Record all logins #ExtendedLog /var/log/proftpd.auth_log AUTH auth # Paranoia logging level.... ExtendedLog /var/log/proftpd.paranoid_log ALL default # # Do a chroot for web-users (i.e. public or www group), but # do not change root if the user is also in the users group... # #DefaultRoot ~/public_html public,!users # # Limit login attempts #MaxLoginAttempts 3 # Users needs a valid shell RequireValidShell on # # Use special Auth files instead.... # #AuthUserFile /var/proftpd/authfiles/passwd #AuthGroupFile /var/proftpd/authfiles/group # # Use LDAP server - see README.LDAP # #LDAPServer "localhost" #LDAPPrefix "dc=your,dc=domain,dc=top" #LDAPDN "cn=YourDNUser,dc=your,dc=domain,dc=top" #LDAPDNPass "YourDNUserPassword" # uncomment for anonymous...: # # # After anonymous login, daemon runs as: User ftp Group nogroup # # # We want clients to be able to login with "anonymous" as well as "ftp" UserAlias anonymous ftp # # # Limit the maximum number of anonymous logins MaxClients 3 # # # We want 'welcome.msg' displayed at login, and '.message' displayed # # in each newly chdired directory. DisplayLogin msgs/welcome.msg DisplayFirstChdir .message # # # Deny write operations to all directories, underneath root-dir # # Default is to allow, so we don't need a <Limit> for read operations. <Directory pub> <Limit WRITE STOR DIR> DenyAll </Limit> </Directory> # # # Only uploads into incomming directory are allowed... Umask 017 <Limit STOR READ> DenyAll </Limit> #... allow file storing, but not other writes <Limit STOR CWD CDUP> AllowAll </Limit> </Directory> <Directory etc> <Limit ALL> </Limit> </Directory> </Anonymous>