> Richard Bartlett > Hacker Immunity Ltd > > (I'm currently working on setting up permissions so the uploadable > directories are execute only; i.e. you can't see it in dir/ls, but you can > cd to it, and the dir names will be suitably obscure to prevent them being > guessed). Proftpd also solves this nicely, you do not need to fight with file permissions/etc, simply configure proftpd, such as: <Directory /home/ftp/uploads> AllowOverwrite off <LIMIT WRITE> AllowAll </LIMIT> <LIMIT READ> Order Allow,Deny Allow from 10.3.0. Deny from all </LIMIT> </Directory> This let's anyone upload, butnot overwrite files, and anyone from 10.3.0.* can download/delete files in the directory for example (or you could use "DenyAll" and then "manually" move files around or whatever). Kurt Seifried, seifriedat_private Securityportal - your focal point for security on the 'net
This archive was generated by hypermail 2b30 : Thu May 17 2001 - 13:42:57 PDT