Mailinglist Archive: opensuse-security (359 mails)

< Previous Next >
Re: [suse-security] ftp server "best practice"
  • From: "Jörn Ott" <suse-security@xxxxxxxxxxxxxx>
  • Date: Thu, 24 Jul 2003 18:57:56 +0200 (CEST)
  • Message-id: <33464.192.168.200.3.1059065876.squirrel@xxxxxxxxxxxxxxxxxxxxxxxxx>
Hi Daniel,
> I think what the software teams is looking to do is to setup an
> account for that customer on the ftp site where the customer can log
> in and download files intended for that customer only. That's simple
> with
> an ftp server since it will have the concept of a "home directory" for
> that ftp user.
That concept also exists on a webserver. When you use the SuSE default
config for a webserver, the http://server/~user/ is directed to the dir
/home/user/public_html (apache: mod_userdir).

Of course, you'd still have to secure the dir with a .htaccess. I
personally don't like the mod userdir, so we use normal subdirectories
in /srv/www and have authentication to each dir by a .htaccess file. The
authentication is done against a mysql database but afaik apache also
supports auth against ldap. So, all the techie has to do is to create a
directory for a certain user, copy a prepped .htaccess into it and
modify the allowed users/groups in it. This can also be done by a
script.

mfg
Jörn Ott

--
------------------------------------------------------------
Jörn Ott Telefon: (0 22 24) 94 08 - 73
EDV Service & Beratung Telefax: (0 22 24) 94 08 -74
Lohfelder Str. 33 E-Mail: mailto:white@xxxxxxxxxxxxxx 53604
Bad Honnef WWW: http://www.ott-service.de/



< Previous Next >
Follow Ups