Solaris 8 ftp user permission question ----Can someone give me some good advice, thanks!!!

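Post 1, posted on 2007-07-14 15:40
The current requirement is: in the existing Solaris 8 environment, add a new ftp user, but this user may only log in via ftp and not via telnet, and after ftp login may only stay in its home directory and cannot browse or enter other directories.

I know this can be set up very easily in a Solaris 9 environment. Has anyone implemented this in a Solaris 8 environment? Please describe your solution, thanks.

[ Last edited by lalf on 2007-7-15 22:35 ]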

Post 2, posted on 2007-07-15 22:37
Bumping this; I hope an expert can help, thanks!!!

Post 3, posted on 2007-07-16 08:33

Post 4, posted on 2007-07-16 08:45
I would like to know how you did it on Solaris 9.

Post 5, posted on 2007-07-16 08:57
You can run man ftpd. On Solaris 8 the system does not ship the FTP server you are asking for; to get the functionality you describe, you need to download a third-party FTP server yourself.

Post 6, posted on 2007-07-16 11:06
Actually it is not my solution; below is the solution one of my colleagues proposed for the Solaris 9 environment. I have not tried it myself, but I think it should be fine.
1) mkdir /export/home/guests
2) Check whether the file /usr/bin/ftponly exists, if it does go to step 5
3) cp /usr/bin/true /usr/bin/ftponly
4) chmod 755 /usr/bin/ftponly
5) Ensure /bin/ftponly is listed in /etc/shells
6) Add FTP account for new user: /usr/sbin/useradd -m -c "new user" -d /export/home/guests/./new1 -s /bin/ftponly new1
7) Add the line: guestuser new1 to /etc/ftpd/ftpaccess using vi
8) Ensure that root is listed in /etc/ftpd/ftpusers so that root is denied ftp access
9) Create FTP root area using: /usr/sbin/ftpconfig -d /export/home/guests

Post 7, posted on 2007-07-16 11:10

Reply to post #5 by bencyber

May I ask which FTP version you use? Could you suggest one? It needs to be able to meet my requirements, thanks!!!

Post 8, posted on 2007-07-16 14:16
Why is nobody helping~~~
Or did I not write it clearly enough --- I rarely post and have little experience, so please bear with me~~

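Post 9, posted on 2007-07-16 16:59
The FTP server bundled with Solaris is: WU-ftp

By default, Solaris enables ftp and telnet. Both services are controlled by inetd, whose configuration file is /etc/inetd.conf; you can comment out the corresponding lines to enable or disable the service, then restart the inetd process and it takes effect immediately!
The Solaris 8 ftp configuration files are placed under /etc by default; starting with Solaris 9, the ftp configuration is placed under /etc/ftpd, and after the OS is installed the services are all enabled by default! Taking Solaris 9 as the example, here are two common questions:

1. To restrict the root user's ftp access, just edit /etc/ftpd/ftpusers and comment out the root line!

2. To confine ftp users to their own current directory after login, edit /etc/ftpd/ftpaccess and add a line like the following:
restricted-uid userid

For example:
restricted-uid  abc  tom  ericsson

3. To prevent ftp users from logging in to this system via telnet, edit /etc/shells and add the shell you want to assign; of course, this shell can be an empty, nonexistent shell. This is done only so that the system considers it valid, so that ftp functionality is not affected while achieving this!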
#more /etc/shells
/usr/bin/bash
/bin/sh
/usr/lib/uucp/uucico
/bin/csh
/bin/ksh
/bin/tcsh
/sbin/sh
/bin/sh
/sbin/nologin

#more /etc/passwd
abc:x:107:1::/var/abc:/sbin/nologin
tom:x:108:1::/var/tom:/sbin/nologin
ericsson:x:109:1::/var/ericsson:/sbin/nologin
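
An added example (not written by any poster in this thread): a script that audits one account against the settings discussed above, namely a login shell that is listed in /etc/shells but is not a real shell, root present in ftpusers (which is a deny list, as step 8 of post 6 says), and the account named on a restricted-uid or guestuser line. The function names, finding labels and the sample accounts are constructed; file paths are arguments so the check can run on copies of the real files.

```shell
#!/bin/sh
# Added example, not from the thread. It matches account names only,
# not numeric uid ranges, on restricted-uid / guestuser lines.

# audit_ftp_user USER PASSWD SHELLS FTPUSERS FTPACCESS -> one finding per line
audit_ftp_user() {
    user=$1 passwd=$2 shells=$3 ftpusers=$4 ftpaccess=$5
    # Field 7 of the passwd entry is the login shell.
    shell=$(awk -F: -v u="$user" '$1 == u { print $7 }' "$passwd")
    [ -n "$shell" ] || { echo "no-passwd-entry"; return 0; }
    # The shell has to be listed in /etc/shells for FTP login to be accepted.
    grep -qxF "$shell" "$shells" || echo "shell-not-in-shells:$shell"
    # A real shell means telnet login still works (this list is an assumption).
    case ${shell##*/} in
        sh|csh|ksh|bash|tcsh) echo "interactive-shell:$shell" ;;
    esac
    # ftpusers is a deny list: root belongs in it, the FTP account does not.
    grep -qxF root "$ftpusers" || echo "root-not-denied"
    if grep -qxF "$user" "$ftpusers"; then echo "user-denied-by-ftpusers"; fi
    # The account must be named on a restricted-uid or guestuser line.
    awk -v u="$user" '
        $1 == "restricted-uid" || $1 == "guestuser" {
            for (i = 2; i <= NF; i++) if ($i == u) found = 1
        }
        END { exit !found }' "$ftpaccess" || echo "not-confined-in-ftpaccess"
    return 0
}

# Constructed sample files (not real system data) written into directory $1.
make_sample() {
    printf '%s\n' 'abc:x:107:1::/var/abc:/sbin/nologin' \
        'tom:x:108:1::/var/tom:/bin/ksh' \
        'eve:x:110:1::/var/eve:/bin/ftponly' > "$1/passwd"
    printf '%s\n' /bin/sh /bin/ksh /sbin/nologin > "$1/shells"
    printf '%s\n' '#root' daemon > "$1/ftpusers"
    printf '%s\n' 'restricted-uid abc tom' > "$1/ftpaccess"
}

d=$(mktemp -d) && make_sample "$d"
for u in abc tom eve; do
    echo "== $u"
    audit_ftp_user "$u" "$d/passwd" "$d/shells" "$d/ftpusers" "$d/ftpaccess"
done
rm -rf "$d"
```

In the constructed sample the root line in ftpusers is commented out, so every account reports root-not-denied in addition to its own findings.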

Post 10, posted on 2007-07-16 17:08
Just set up anonymous ftp. man ftpd on Solaris 8 has the detailed steps:

Example (Solaris 8): Setting Up An Anonymous Ftp

To set up anonymous ftp, add the following entry to the /etc/passwd file. In this example, /export/ftp was chosen to be the anonymous ftp area, and the shell is the non-existent file /nosuchshell. This prevents users from logging in as the ftp user.

     ftp:30000:30000:Anonymous FTP:/export/ftp:/nosuchshell

Add the following entry to the /etc/shadow file:

     ftp:NP:6445::::::

The banner returned by in.ftpd in the parenthetical portion of its greeting is configurable. The default is equivalent to "`uname -sr`" and will be used if no banner is set in /etc/default/ftpd. To set the banner, add a line of the form
     BANNER="..."

to /etc/default/ftpd. Nonempty banner strings are fed to shells for evaluation.
The default banner may also be obtained by
     BANNER="`uname -s` `uname -r`"

and no banner will be printed if /etc/default/ftpd contains
     BANNER=""

For anonymous ftp users, in.ftpd takes special measures to restrict the client's access privileges. The server performs a chroot(2) command to the home directory of the "ftp" user. In order that system security is not breached, it is recommended that the "ftp" subtree be constructed with care; the following rules are suggested.

     ~ftp  Make the home directory owned by root and unwritable by anyone.

     ~ftp/bin
Make this directory owned by the superuser and unwritable by anyone. Make this a symbolic link to ~ftp/usr/bin. The program ls(1) must be present to support the list commands. This program should have mode 111.

     ~ftp/usr/lib
Make this directory owned by the superuser and unwritable by anyone. Copy the following shared libraries from /usr/lib into this directory:
ld.so.1*
libc.so.1*
libdl.so.1*
libmp.so.2*
libnsl.so.1*
libsocket.so.1*
nss_compat.so.1*
nss_dns.so.1*
nss_files.so.1*
nss_nis.so.1*
nss_nisplus.so.1*
nss_xfn.so.1*
straddr.so*
straddr.so.2*

     ~ftp/etc
Make this directory owned by the superuser and unwritable by anyone. Copies of the files passwd(4), group(4), and netconfig(4) must be present for the ls(1) command to work properly. These files should be mode 444.

     ~ftp/pub
Make this directory mode 755 and owned by root. Users should then place files which are to be accessible via the anonymous account in this directory.

     ~ftp/dev
Make this directory owned by the superuser and unwritable by anyone. First perform ls -lL on the device files listed below to determine their major and minor numbers, then use mknod to create them in this directory.

/dev/zero
/dev/tcp
/dev/udp
/dev/ticotsord

Set the read and write mode on these nodes to 666 so that passive ftp will not fail with "permission denied" errors.

     ~ftp/usr/share/lib/zoneinfo
Make this directory mode 555 and owned by the superuser. Copy its contents from /usr/share/lib/zoneinfo. This enables ls -l to display time and date stamps correctly.
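
An added example (not part of the man page or of this post): a script that checks an anonymous-FTP tree against the ownership and mode rules quoted above. The function names and finding labels are constructed; the owner check on the individual files is an added assumption, and the ~ftp/dev device nodes (mode 666) are not checked.

```shell
# Added example, not from the man page: audit an anonymous-FTP chroot tree.
# perms_uid PATH -> e.g. "dr-xr-xr-x:0" (symlinks followed, numeric owner)
perms_uid() { ls -ldLn "$1" | awk '{ print substr($1, 1, 10) ":" $3 }'; }

# audit_anon_tree FTPHOME [OWNER_UID] -> one finding per line, none if clean
audit_anon_tree() {
    top=$1 uid=${2:-0}
    # Directories that must be superuser-owned with no write bit at all.
    for d in "" /bin /usr/lib /etc /dev; do
        p=$top$d
        [ -d "$p" ] || { echo "missing:$p"; continue; }
        case $(perms_uid "$p") in
            d?-??-??-?:"$uid") ;;
            *) echo "writable-or-wrong-owner:$p" ;;
        esac
    done
    # Entries with an exact mode in the man page (owner check is an assumption).
    while read -r rel want; do
        p=$top/$rel
        [ -e "$p" ] || { echo "missing:$p"; continue; }
        got=$(perms_uid "$p")
        [ "${got#?}" = "$want:$uid" ] || echo "mode-or-owner:$p:$got"
    done <<EOF
usr/bin/ls --x--x--x
etc/passwd r--r--r--
etc/group r--r--r--
etc/netconfig r--r--r--
pub rwxr-xr-x
usr/share/lib/zoneinfo r-xr-xr-x
EOF
    return 0
}

# Constructed demo tree (empty placeholder files, not real binaries).
make_tree() {
    mkdir -p "$1/usr/bin" "$1/usr/lib" "$1/etc" "$1/dev" "$1/pub" \
             "$1/usr/share/lib/zoneinfo"
    ln -s usr/bin "$1/bin"
    : > "$1/usr/bin/ls"; chmod 111 "$1/usr/bin/ls"
    for f in passwd group netconfig; do : > "$1/etc/$f"; chmod 444 "$1/etc/$f"; done
    chmod 755 "$1/pub"; chmod 555 "$1/usr/share/lib/zoneinfo"
    chmod 555 "$1/usr/bin" "$1/usr/lib" "$1/etc" "$1/dev" "$1"
}

t=$(mktemp -d) && make_tree "$t"
chmod 775 "$t/etc"                     # constructed misconfiguration
audit_anon_tree "$t" "$(id -u)"        # on a real server, omit the uid (root)
chmod -R u+w "$t" && rm -rf "$t"
```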